WordPress Trac: {32} Enhancements and Feature Requests, Next Major Releasehttp://core.trac.wordpress.org/report/32
Trac Report - {{{
#!span class="create-new-ticket button button-large button-primary"
[https://login.wordpress.org/?redirect_to=https://core.trac.wordpress.org/newticket Create a new ticket]
}}}
* Many of these tickets need to be triaged and eventually punted
* Active enhancement and feature request tickets slated for the next major release, workflow oriented
* Sort by component, type, summary
* Accepted tickets have an '*' appended to their owner's name
* Default owners in a component are shown in parentheses if the ticket status remains 'new'en-usWordPress Trachttp://core.trac.wordpress.org/chrome/site/your_project_logo.pnghttp://core.trac.wordpress.org/report/32
Trac v1.2.2#43982: The test suite shouldn't assume that the data directory existsjohnbillionSun, 06 May 2018 16:49:29 GMTThu, 24 May 2018 13:29:45 GMT<p>
It's possible to bundle the WordPress unit test framework inside a project by including the contents of the <code>tests/phpunit/includes</code> directory.
</p>
<p>
However the test framework makes an assumption that the <code>tests/phpunit/data/themedir1</code> directory exists and causes a PHP notice to be triggered:
</p>
<pre class="wiki">Notice: tests/phpunit/wordpress-tests-lib/includes/../data/themedir1 is not readable in wp-includes/theme.php on line 471
</pre>johnbillionhttp://core.trac.wordpress.org/ticket/43982
http://core.trac.wordpress.org/ticket/43982Report#43675: UI adjustments for comments and posts timestamp inputs . Make the input text look centralized.birgireMon, 02 Apr 2018 15:11:04 GMTTue, 03 Apr 2018 10:38:11 GMT<p>
The timestamp inputs on the <em>post</em>- and <em>comment</em> edit screens are not text centralized, like they are in the <strong>quick-edit</strong> forms for posts.
</p>
<p>
It looks like this can fixed by e.g. adjusting the margins/widths/paddings. The quick-edit forms are not using <code>text-align</code> as <code>center</code> though.
</p>
<p>
These fields are:
</p>
<ul><li><code>#aa</code> (year),
</li><li><code>#mm</code> (month),
</li><li><code>#jj</code> (day),
</li><li><code>#hh</code> (hour)
</li><li><code>#mm</code> (minutes)
</li></ul><p>
under <code>#timestampdiv</code>.
</p>
birgirehttp://core.trac.wordpress.org/ticket/43675
http://core.trac.wordpress.org/ticket/43675Report#44108: wp-admin/load-styles.php returns 200 status code and empty response if required GET parameter is missing or invalidcompilenixWed, 16 May 2018 11:21:46 GMTWed, 16 May 2018 16:05:51 GMT<p>
It happend to me that a nginx reverse proxy did cut off all query parameters.
This resulted in no CSS and JS for the WP backend / login.
</p>
<p>
Because the request was manipulated by a (reverse-) proxy i wasn't able to see that the request passed to wordpress was indeed "invalid", beacuse the load[] parameter is required to do something meaningful.
</p>
<p>
I want to add a small patch which checks if the load[] parameter is set and is formally valid.
In the case where the load[] parameter isn't valid there should be an appropiate indicator that there is something wrong.
With this I'm aiming to make it easier, for a developer or system administrator, to find this kind of "error".
</p>
compilenixhttp://core.trac.wordpress.org/ticket/44108
http://core.trac.wordpress.org/ticket/44108Report#43602: Add to the privacy tools UX a means to erase personal data by username or email addressallendavWed, 21 Mar 2018 17:37:42 GMTThu, 17 May 2018 13:17:47 GMT<p>
Similar to <a class="assigned ticket" href="http://core.trac.wordpress.org/ticket/43546" title="#43546: enhancement: Add to the privacy tools UX a means to export personal data by ... (assigned)">#43546</a> but for GDPR Right to Erasure
</p>
<p>
Provides a means for an admin to erase personal data for a registered or no-priv user based on their username or email address.
</p>
<p>
Adds it to the appropriate place in the overall UX defined by <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/43481" title="#43481: enhancement: Add tabs and placeholders to privacy tools page in wp-admin (closed: fixed)">#43481</a>
</p>
<p>
Leverages the work done in <a class="assigned ticket" href="http://core.trac.wordpress.org/ticket/43438" title="#43438: enhancement: Add filters and Ajax support for personal data export (assigned)">#43438</a>
</p>
<p>
Allows plugins to optionally surface controls to allow the admin to opt-out of erasing certain data (e.g. for legal or other reasons)
</p>
allendavhttp://core.trac.wordpress.org/ticket/43602
http://core.trac.wordpress.org/ticket/43602Report#43546: Add to the privacy tools UX a means to export personal data by username or email addressallendavWed, 14 Mar 2018 19:23:27 GMTThu, 17 May 2018 16:38:03 GMT<p>
Provides a means for an admin to generate a personal data export for a registered or no-priv user based on their username or email address.
</p>
<p>
Adds it to the appropriate place in the overall UX defined by <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/43481" title="#43481: enhancement: Add tabs and placeholders to privacy tools page in wp-admin (closed: fixed)">#43481</a>
</p>
<p>
Leverages the work done in <a class="assigned ticket" href="http://core.trac.wordpress.org/ticket/43438" title="#43438: enhancement: Add filters and Ajax support for personal data export (assigned)">#43438</a>
</p>
allendavhttp://core.trac.wordpress.org/ticket/43546
http://core.trac.wordpress.org/ticket/43546Report#43586: Minor UI adjustments to the Author box in the Edit Comment screenbirgireTue, 20 Mar 2018 15:18:12 GMTSat, 19 May 2018 21:52:22 GMT<p>
Here are few suggestions for the <em>Author</em> box in the <em>Edit Comment</em> screen:
</p>
<ul><li>Add an underline for the <em>Author</em> title (like in meta-box headers).
</li><li>Remove the colons as they are not (usually?) used before inputs in wp-admin.
</li><li>Adjust the padding/margin, similar to other meta-boxes.
</li></ul><p>
Location example: <code>/wp-admin/comment.php?action=editcomment&amp;c=123</code>
</p>
birgirehttp://core.trac.wordpress.org/ticket/43586
http://core.trac.wordpress.org/ticket/43586Report#37406: Add ability to specify post_type in post_exists function - post.phpsgarzaTue, 19 Jul 2016 00:36:33 GMTWed, 31 Jan 2018 08:35:55 GMT<p>
Currently <code>post_exists()</code> has no way of refining the query down to a particular post type. Adding a fourth argument to specify a post type would make this function more useful for custom post type development.
</p>
<div class="wiki-code"><div class="code"><pre><span class="cp">&lt;?php</span>
<span class="k">function</span> <span class="nf">post_exists</span><span class="p">(</span><span class="nv">$title</span><span class="p">,</span> <span class="nv">$content</span> <span class="o">=</span> <span class="s1">''</span><span class="p">,</span> <span class="nv">$date</span> <span class="o">=</span> <span class="s1">''</span><span class="p">,</span> <span class="nv">$type</span> <span class="o">=</span> <span class="s1">''</span><span class="p">)</span> <span class="p">{</span>
<span class="k">global</span> <span class="nv">$wpdb</span><span class="p">;</span>
<span class="nv">$post_title</span> <span class="o">=</span> <span class="nx">wp_unslash</span><span class="p">(</span> <span class="nx">sanitize_post_field</span><span class="p">(</span> <span class="s1">'post_title'</span><span class="p">,</span> <span class="nv">$title</span><span class="p">,</span> <span class="mi">0</span><span class="p">,</span> <span class="s1">'db'</span> <span class="p">)</span> <span class="p">);</span>
<span class="nv">$post_content</span> <span class="o">=</span> <span class="nx">wp_unslash</span><span class="p">(</span> <span class="nx">sanitize_post_field</span><span class="p">(</span> <span class="s1">'post_content'</span><span class="p">,</span> <span class="nv">$content</span><span class="p">,</span> <span class="mi">0</span><span class="p">,</span> <span class="s1">'db'</span> <span class="p">)</span> <span class="p">);</span>
<span class="nv">$post_date</span> <span class="o">=</span> <span class="nx">wp_unslash</span><span class="p">(</span> <span class="nx">sanitize_post_field</span><span class="p">(</span> <span class="s1">'post_date'</span><span class="p">,</span> <span class="nv">$date</span><span class="p">,</span> <span class="mi">0</span><span class="p">,</span> <span class="s1">'db'</span> <span class="p">)</span> <span class="p">);</span>
<span class="nv">$post_type</span> <span class="o">=</span> <span class="nx">wp_unslash</span><span class="p">(</span> <span class="nx">sanitize_post_field</span><span class="p">(</span> <span class="s1">'post_type'</span><span class="p">,</span> <span class="nv">$type</span><span class="p">,</span> <span class="mi">0</span><span class="p">,</span> <span class="s1">'db'</span> <span class="p">)</span> <span class="p">);</span>
<span class="nv">$query</span> <span class="o">=</span> <span class="s2">"SELECT ID FROM </span><span class="si">$wpdb-&gt;posts</span><span class="s2"> WHERE 1=1"</span><span class="p">;</span>
<span class="nv">$args</span> <span class="o">=</span> <span class="k">array</span><span class="p">();</span>
<span class="k">if</span> <span class="p">(</span> <span class="o">!</span><span class="k">empty</span> <span class="p">(</span> <span class="nv">$date</span> <span class="p">)</span> <span class="p">)</span> <span class="p">{</span>
<span class="nv">$query</span> <span class="o">.=</span> <span class="s1">' AND post_date = %s'</span><span class="p">;</span>
<span class="nv">$args</span><span class="p">[]</span> <span class="o">=</span> <span class="nv">$post_date</span><span class="p">;</span>
<span class="p">}</span>
<span class="k">if</span> <span class="p">(</span> <span class="o">!</span><span class="k">empty</span> <span class="p">(</span> <span class="nv">$title</span> <span class="p">)</span> <span class="p">)</span> <span class="p">{</span>
<span class="nv">$query</span> <span class="o">.=</span> <span class="s1">' AND post_title = %s'</span><span class="p">;</span>
<span class="nv">$args</span><span class="p">[]</span> <span class="o">=</span> <span class="nv">$post_title</span><span class="p">;</span>
<span class="p">}</span>
<span class="k">if</span> <span class="p">(</span> <span class="o">!</span><span class="k">empty</span> <span class="p">(</span> <span class="nv">$content</span> <span class="p">)</span> <span class="p">)</span> <span class="p">{</span>
<span class="nv">$query</span> <span class="o">.=</span> <span class="s1">' AND post_content = %s'</span><span class="p">;</span>
<span class="nv">$args</span><span class="p">[]</span> <span class="o">=</span> <span class="nv">$post_content</span><span class="p">;</span>
<span class="p">}</span>
<span class="k">if</span> <span class="p">(</span> <span class="o">!</span><span class="k">empty</span> <span class="p">(</span> <span class="nv">$type</span> <span class="p">)</span> <span class="p">)</span> <span class="p">{</span>
<span class="nv">$query</span> <span class="o">.=</span> <span class="s1">' AND post_type = %s'</span><span class="p">;</span>
<span class="nv">$args</span><span class="p">[]</span> <span class="o">=</span> <span class="nv">$post_type</span><span class="p">;</span>
<span class="p">}</span>
<span class="k">if</span> <span class="p">(</span> <span class="o">!</span><span class="k">empty</span> <span class="p">(</span> <span class="nv">$args</span> <span class="p">)</span> <span class="p">)</span>
<span class="k">return</span> <span class="p">(</span><span class="nx">int</span><span class="p">)</span> <span class="nv">$wpdb</span><span class="o">-&gt;</span><span class="na">get_var</span><span class="p">(</span> <span class="nv">$wpdb</span><span class="o">-&gt;</span><span class="na">prepare</span><span class="p">(</span><span class="nv">$query</span><span class="p">,</span> <span class="nv">$args</span><span class="p">)</span> <span class="p">);</span>
<span class="k">return</span> <span class="mi">0</span><span class="p">;</span>
<span class="p">}</span>
</pre></div></div>sgarzahttp://core.trac.wordpress.org/ticket/37406
http://core.trac.wordpress.org/ticket/37406Report#42804: type is not required in HTML5sasiddiquiTue, 05 Dec 2017 10:51:33 GMTThu, 18 Jan 2018 06:46:48 GMT<p>
type is no more required in style and script tags in HTML5. Now HTML Validator start throwing warnings on the script and style tags which contains the types.
</p>
<p>
Attaching a path which fixes the issues for inline and enqueued files (CSS and JS).
</p>
sasiddiquihttp://core.trac.wordpress.org/ticket/42804
http://core.trac.wordpress.org/ticket/42804Report#40161: Wrong documented or coded 'schedule_event' filteresemlabelWed, 15 Mar 2017 12:39:06 GMTTue, 10 Apr 2018 10:48:52 GMT<p>
<a href="https://core.trac.wordpress.org/browser/trunk/src/wp-includes/cron.php#L41">https://core.trac.wordpress.org/browser/trunk/src/wp-includes/cron.php#L41</a>
says that $event parameter should always be an object.
</p>
<p>
But the following code allows to terminate script only when passing "false" values to filter ("", array(), null, 0 or false), whereas checking false as object will produce error.
</p>
<p>
The documentation should be changed to force check isset( $event-&gt;hook ) when using this filter, otherwise the filter should be changed to something like this
</p>
<div class="wiki-code"><div class="code"><pre><span class="cp">&lt;?php</span>
<span class="nv">$event</span> <span class="o">=</span> <span class="nx">apply_filters</span><span class="p">(</span> <span class="s1">'schedule_event'</span><span class="p">,</span> <span class="nv">$event</span><span class="o">-&gt;</span><span class="na">hook</span><span class="p">,</span> <span class="nv">$event</span> <span class="p">);</span>
<span class="k">if</span> <span class="p">(</span> <span class="o">!</span> <span class="nv">$event</span><span class="o">-&gt;</span><span class="na">hook</span> <span class="p">)</span>
<span class="k">return</span> <span class="k">false</span><span class="p">;</span>
</pre></div></div>esemlabelhttp://core.trac.wordpress.org/ticket/40161
http://core.trac.wordpress.org/ticket/40161Report#43438: Add filters and Ajax support for personal data exportazaozzWed, 28 Feb 2018 17:04:23 GMTWed, 16 May 2018 21:27:37 GMT<p>
It is a GDPR requirement that users should be able to export their private data from one site and (eventually) import/reuse it at another.
</p>
<p>
As discussed in <a class="ext-link" href="https://wordpress.slack.com/archives/C9695RJBW/p1519836137000439"><span class="icon">​</span>Slack</a>, this is the data the users entered themselves like name, email, nickname, etc. This is not automatically generated data about the user like ID, IP addresses, browser UA (for comments), etc.
</p>
<p>
All of this data is already available/visible on the user's profile screen. It also has to be downloadable in a common format like JSON.
</p>
azaozzhttp://core.trac.wordpress.org/ticket/43438
http://core.trac.wordpress.org/ticket/43438Report#43967: Admin emails after email confirmation don't work for GDPR requestsgarrett-eclipseFri, 04 May 2018 22:19:24 GMTWed, 23 May 2018 15:28:12 GMT<p>
Hello,
</p>
<p>
While testing the GDPR requests I found that the admin emails aren't being triggered once the user has confirmed their email.
</p>
<p>
To reproduce;
</p>
<ul><li>Submit an Export or Removal request
</li><li>From the confirmation email click the confirmation link
</li><li>You'll note the message displayed indicate an admin email was generated but as the admin you won't receive one and if you had Email Log or another plugin in place you'll note one was never spawned.
</li></ul><p>
So currently the admin users won't know about a request confirmation until they login to the request panels.
</p>
<p>
Please setup admin emails for both the export and removal requests once a user has confirmed their email. It would be nice if this email either has a link for the next action or at least links to the appropriate request panel and indicates for which user the request was confirmed.
</p>
<p>
Thank you
</p>
garrett-eclipsehttp://core.trac.wordpress.org/ticket/43967
http://core.trac.wordpress.org/ticket/43967Report#18391: Expand WP_DEBUG_LOG and make WP_DEBUG_DISPLAY work as expectednacinSat, 13 Aug 2011 05:45:21 GMTTue, 17 Apr 2018 01:23:44 GMT<h2 id="WP_DEBUG_LOG">WP_DEBUG_LOG</h2>
<p>
WP_DEBUG_LOG currently creates wp-content/error.log. We should expand this to allow a path.
</p>
<p>
To do this, if WP_DEBUG_LOG is !== true, != 1, != 'true', (anything else?) and 0 === validate_file(), we should treat it as a path.
</p>
<h2 id="WP_DEBUG_DISPLAY">WP_DEBUG_DISPLAY</h2>
<p>
Setting WP_DEBUG_DISPLAY to false does not set display_errors to false. Instead, it prevents display_errors from being set to on. This forces a call to ini_set to turn off display_errors, assuming your php.ini is set to On, as expected for a development environment configuration.
</p>
<p>
Instead, setting WP_DEBUG_DISPLAY to false should set display_errors to false. I've been thinking about this for months now, and the only situation I can come up with that this would be a compatibility issue would be when you deliberately have a production php.ini on production and a development php.ini in development. In this situation, WP_DEBUG_DISPLAY = false would screw up your development environment only -- the only breakage would be showing less errors, rather than more.
</p>
<p>
WP_DEBUG_DISPLAY === null can remain a passthrough.
</p>
<p>
Patch forthcoming.
</p>
nacinhttp://core.trac.wordpress.org/ticket/18391
http://core.trac.wordpress.org/ticket/18391Report#42308: Update Grunt to version 1.0.1iandunnSun, 22 Oct 2017 22:58:50 GMTMon, 26 Feb 2018 23:45:11 GMT<p>
We're currently on Grunt <code>0.4.5</code>, which is 1 major version behind the latest, <code>1.0.1</code>.
</p>
<p>
Upgrading to the latest would benefit <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/42282" title="#42282: enhancement: Provide means of executing PHPUnit continuously over watched files in ... (closed: fixed)">#42282</a>, because it adds support for multiple values for command line parameters, e.g.,
</p>
<p>
<code>grunt watch:phpunit --files=wp-includes/http.php --files=wp-includes/Requests --group=http</code>
</p>
<p>
<a class="ext-link" href="https://github.com/gruntjs/grunt/blob/ac9de1240b7aa286995742e2424aa2138a521c11/CHANGELOG"><span class="icon">​</span>Changes since 0.4.5</a>.
</p>
iandunnhttp://core.trac.wordpress.org/ticket/42308
http://core.trac.wordpress.org/ticket/42308Report#4575: Add functions to return the last-modified timestamp of a category/tagdelusionsMon, 02 Jul 2007 12:36:26 GMTTue, 27 Mar 2018 03:03:10 GMT<p>
Hi,
</p>
<p>
All categories Last-Modified dates are the same, and thats a one big rss file i guess.
Is there a chance to send individual Last-Modified dates to these feed ?
</p>
<p>
Thanks
</p>
delusionshttp://core.trac.wordpress.org/ticket/4575
http://core.trac.wordpress.org/ticket/4575Report#43041: Rename the capital_P_dangit functiondanieltjMon, 08 Jan 2018 08:56:46 GMTThu, 01 Feb 2018 08:24:03 GMT<p>
I'm not too bothered about the capital_P_dangit function in terms of what it does. Correcting Wordpress to WordPress is fine by me. Capitalise the <code>P</code> and it never worries you.
</p>
<p>
My problem with this function is the name and documentation of it. Taken from a 4.9.1 install:
</p>
<p>
<strong><em>wp-includes/formatting.php, line 4805</em></strong>:
</p>
<pre class="wiki">Forever eliminate "Wordpress" from the planet (or at least the little bit we can influence).
Violating our coding standards for a good function name.
</pre><p>
As funny as the name might seem the first time around, violating the coding standards doesn't seem like something that should live on in core for the sake of a gag. I'd like to propose that <code>capital_P_dangit</code> is deprecated and used as a wrapper function for a newly named <code>wp_brand_awareness</code>.
</p>
<p>
I personally think <code>wp_brand_awareness</code> is a better name, fits in with coding standards and still does what it's set out to do, but in a more 'WordPress-esque' way. I'd also suggest updating the documentation to remove the comment about <code>from our planet</code> and <code>for a gag</code> lines too.
</p>
danieltjhttp://core.trac.wordpress.org/ticket/43041
http://core.trac.wordpress.org/ticket/43041Report#42904: Speed up unit tests by disabling password hashingFrank KleinThu, 14 Dec 2017 19:47:17 GMTWed, 27 Dec 2017 10:41:27 GMT<p>
Whenever the factory creates a new user during a test, it calls <code>wp_insert_user()</code>. This function calls <code>wp_hash_password()</code>, which internally uses <code>PasswordHash::HashPassword()</code> to create a hash of the default password.
</p>
<p>
In the context of most unit tests, users do not need hashed passwords. Hashing has a performance impact, so the tests should run a bit faster if we avoid hashing if we don't need to.
</p>
<p>
The attached patch introduces a mock password hasher, that is used by the entirety of the tests The exception are a few tests that rely on authentication to work properly.
</p>
Frank Kleinhttp://core.trac.wordpress.org/ticket/42904
http://core.trac.wordpress.org/ticket/42904Report#22889: Reconsider no-JS ?replytocom= linksmarkjaquithWed, 12 Dec 2012 15:13:20 GMTWed, 07 Feb 2018 21:53:41 GMT<p>
We have a no-JS fallback for comment replies. Normally JS moves the comment form around. For people with JavaScript disabled, they follow the <code>?replytocom={123}</code> link. This results in a lot of extra crawling by search engines (potentially an additional crawl per reply-able comment!) in exchange for enabling an awkwardly executed, likely underused, and non-essential feature for non-JS users.
</p>
<p>
I'd like to consider making comment reply JS-only.
</p>
markjaquithhttp://core.trac.wordpress.org/ticket/22889
http://core.trac.wordpress.org/ticket/22889Report#12056: target="_blank" being stripped from Profile Bio and Category DescriptionlovewpmuWed, 27 Jan 2010 16:50:00 GMTTue, 12 Dec 2017 15:05:12 GMT<p>
Many apologies if this is a duplicate. I have searched but did not find it yet posted.
</p>
<p>
I noticed that target="_blank" is being stripped from my "a href" tags my profile "Biographical Info" field even though the "a href" with the URL and closing tag still remain. It happens every time I save my profile.
</p>
<p>
This was independently verified.
</p>
<p>
It is a regular wordpress install running 2.9.1 (not wordpressmu, etc.).
</p>
<p>
My original thread can be found here:
<a class="ext-link" href="http://wordpress.org/support/topic/355388?replies=1"><span class="icon">​</span>http://wordpress.org/support/topic/355388?replies=1</a>
</p>
lovewpmuhttp://core.trac.wordpress.org/ticket/12056
http://core.trac.wordpress.org/ticket/12056Report#43339: Global user_options calls should use user_meta insteadjohnjamesjacobyFri, 16 Feb 2018 21:48:39 GMTSat, 17 Feb 2018 06:16:33 GMT<p>
There are 2 places where WordPress uses the <code>user_option</code> functions with the global flag set to <code>true</code> which internally invokes the <code>user_meta</code> functions.
</p>
<p>
In these cases, there is no benefit to using <code>user_option</code> and only a detriment by way of additional function calls.
</p>
<p>
The user-meta keys in question are:
</p>
<ul><li><code>default_password_nag</code>
</li><li><code>community-events-location</code>
</li></ul>johnjamesjacobyhttp://core.trac.wordpress.org/ticket/43339
http://core.trac.wordpress.org/ticket/43339Report#42870: unit test for is_serialized_string()pbearneMon, 11 Dec 2017 18:37:32 GMTMon, 11 Dec 2017 20:00:32 GMT<p>
just a unit
</p>
pbearnehttp://core.trac.wordpress.org/ticket/42870
http://core.trac.wordpress.org/ticket/42870Report#41305: Add lazily evaluated translationsschlesseraThu, 13 Jul 2017 11:16:56 GMTMon, 30 Apr 2018 08:36:41 GMT<p>
In the context of <a class="new ticket" href="http://core.trac.wordpress.org/ticket/40988" title="#40988: enhancement: Use objects for `get_item_schema()` calls (new)">#40988</a>, I did a few performance tests and experimented with adding a lazily evaluated translation object.
</p>
<p>
The general principle is this:
</p>
<p>
Instead of returning the resulting string of a translation, return an object for which the <code>__toString()</code> and <code>jsonSerialize()</code> methods will fetch the resulting string instead.
</p>
<p>
I tested by having the <code>__()</code> method return such a proxy object, instead of the actual translated string.
</p>
<p>
From a quick profiling run on <code>wptrunk.dev/wp-json/wp/v2/posts</code>, I got the following results:
</p>
<p>
Returning a <code>translate()</code> from <code>__()</code>:
</p>
<pre class="wiki">Wall Time 162ms
CPU Time 157ms
I/O Time 5.48ms
Memory 16.5MB
Network n/a n/a n/a
SQL 4.41ms 13rq
</pre><p>
Returning a <code>TranslationProxy</code> from <code>__()</code>:
</p>
<pre class="wiki">Wall Time 144ms -19ms -14.9%
CPU Time 138ms -18ms -15.4%
I/O Time 5.33ms -154µs -3.0%
Memory 16.6MB +81.6KB n/s
Network n/a n/a n/a
SQL 4.33ms 13rq
</pre><p>
As you can see, this shaved off almost 15% from this simple request.
</p>
<p>
It saved 2255 calls to <code>translate()</code>, 2157 calls to <code>get_translations_for_domain()</code> and, more importantly still, 2156 calls to <code>apply_filters()</code> (which could involve a lot of additional processing in some cases).
</p>
<p>
The main problem with this approach is that WordPress does not contain real type-hinting, so BC is broken wherever the proxy is not echoed, but used directly.
</p>
<p>
As we cannot possibly foresee how plugins might use their localized strings, I suggest adding new lazy variations of the translation functions. To mirror the "echo" variations that prefix the translation functions with an <code>e</code>, I'd suggest using the <code>l</code> prefix for these variations:
</p>
<div class="wiki-code"><div class="code"><pre><span class="x">// Lazily retrieve the translation of $text.
_l( $text , $domain = 'default' );
// Lazily retrieve the translation of $text and escape it for safe use in an attribute.
esc_attr_l( $text, $domain = 'default' );
// Lazily retrieve the translation of $text and escape it for safe use in HTML output.
esc_html_l( $text, $domain = 'default' );
// Lazily retrieve translated string with gettext context.
_lx( $text, $context, $domain = 'default' );
// Lazily translate string with gettext context, and escape it for safe use in an attribute.
esc_attr_lx( $text, $context, $domain = 'default' );
// Lazily translate string with gettext context, and escape it for safe use in HTML output.
esc_html_lx( $text, $context, $domain = 'default' );
</span></pre></div></div><p>
Arbitrary testing has shown that using such lazily evaluated translations strategically can improve the performance by 10-30% for certain scenarios.
</p>
<p>
Implementing them in this BC fashion allows us to fine-tune Core usage and make it available to plugins, while playing it safe with existing code.
</p>
schlesserahttp://core.trac.wordpress.org/ticket/41305
http://core.trac.wordpress.org/ticket/41305Report#42888: Add a "Show" button next to password fields on mobilejohnbillionWed, 13 Dec 2017 01:57:00 GMTTue, 22 May 2018 16:02:59 GMT<p>
It's become quite common for web services to display a <code>Show</code> button next to password fields when the user is using a mobile device. Several mobile apps do this too. The intent is to help the user ensure the password they've entered is correct when using the onscreen keyboard.
</p>
<p>
One example is on <a class="ext-link" href="https://m.facebook.com"><span class="icon">​</span>https://m.facebook.com</a> (the <code>Show</code> button actually appears on any device when using that site). The <code>Show</code> button simply toggles the input type between <code>password</code> and <code>text</code>.
</p>
<p>
WordPress should add this functionality to the login screen, the user profile screen, and anywhere else where a password gets entered. This functionality already exists when adding a new user, if the user first clicks the <code>Show password</code> button.
</p>
johnbillionhttp://core.trac.wordpress.org/ticket/42888
http://core.trac.wordpress.org/ticket/42888Report#23983: Add filter to get_post_thumbnail_id to override default thumbnail useJesper800Sun, 07 Apr 2013 20:48:44 GMTSat, 07 Apr 2018 13:14:29 GMT<p>
The current function for getting the post thumbnail ID, used in among others <code>get_the_post_thumbnail</code>, is as follows:
</p>
<pre class="wiki">function get_post_thumbnail_id( $post_id = null ) {
$post_id = ( null === $post_id ) ? get_the_ID() : $post_id;
return get_post_meta( $post_id, '_thumbnail_id', true );
}
</pre><p>
In my opinion, this needs a filter, so the user can override this by the attachment of his choosing, such as an Advanced Custom Fields image attached to the post.
</p>
<p>
Something like:
</p>
<pre class="wiki">function get_post_thumbnail_id( $post_id = null ) {
$post_id = ( null === $post_id ) ? get_the_ID() : $post_id;
return apply_filters( 'post_thumbnail_id', get_post_meta( $post_id, '_thumbnail_id', true ), $post_id );
}
</pre><p>
I know you can hook into the <code>get_{$meta_type}_metadata</code> filter, but getting the post thumbnail ID should still be possible by using get_post_meta, the other thumbnail should just be used for displaying.
</p>
Jesper800http://core.trac.wordpress.org/ticket/23983
http://core.trac.wordpress.org/ticket/23983Report#43281: Capitalize "Set featured image" media button on Media ModalmonikaraoSat, 10 Feb 2018 18:49:38 GMTSun, 11 Feb 2018 18:52:26 GMT<p>
All the button on WordPress are in capitalize form except this "Set featured image" button so there should be consistency on all button.
</p>
monikaraohttp://core.trac.wordpress.org/ticket/43281
http://core.trac.wordpress.org/ticket/43281Report#36661: Improve `wp_get_attachment_image()` and `wp_get_attachment_image_attributes` docs.juanfraMon, 25 Apr 2016 15:48:55 GMTFri, 02 Mar 2018 01:59:40 GMT<p>
Hey there,
</p>
<p>
While looking for a solution for another ticket I've seen that there's not much documentation for <code>wp_get_attachment_image()</code>, specifically for the string|array of the <code>$atts</code> parameter. I know, that you can get through the code and see that some of them are automatically generated (src, class, alt, srcset, sizes) and that you override them and at the same time you can define an unlimited amount of <code>$atts</code>, but perhaps there's other people trying to use the function and they do not know that. We might end up seeing ugly implementations of people trying to add data attributes to images, etc. This function is not documented in the codex, only in the Code Reference site.
</p>
<p>
I think the most important part to explain is the <code>scrset</code> attribute as many people usually tries to use this type of function to deliver different images depending on the device in which the site is seen (Also, this is kind of covered by core in some ways now, but it is poorly documented). Or that you can add classes for retina support.
</p>
<p>
The same is happening with the <code>wp_get_attachment_image_attributes</code> filter within that function. It is not listing the list of attributes that you get by default.
</p>
<p>
I consider it is worth it to modify the phpdoc (at least) in the hook description, but I'm not sure if the phpdoc should be modified for the function. That's why I wanted to have some feedback before sending a patch.
</p>
<p>
What do you think? Shall we add docs within the code or we should we leave notes on the code reference site?
</p>
juanfrahttp://core.trac.wordpress.org/ticket/36661
http://core.trac.wordpress.org/ticket/36661Report#42942: Provide a post_date_column_time hook for media filesivanlutrovWed, 20 Dec 2017 05:32:05 GMTThu, 03 May 2018 17:29:18 GMT<p>
Class <code>class-wp-posts-list-table.php</code> has <code>column_date()</code> function which uses <code>post_date_column_time</code> hook to filter the date.
</p>
<p>
Class <code>class-wp-media-list-table.php</code> has <code>column_date()</code> function which has no hook to filter the date.
</p>
ivanlutrovhttp://core.trac.wordpress.org/ticket/42942
http://core.trac.wordpress.org/ticket/42942Report#27120: Add object cache to wp_nav_menu() itemsClorithThu, 13 Feb 2014 07:47:58 GMTSun, 11 Mar 2018 19:04:47 GMT<p>
Leveraging <code>$menu_items</code> in the wp_nav_menu() function call with the Object Cache shows a drop in queries by 2 for each consecutive call for a specific <code>theme_location</code>
</p>
<p>
Might need a bit more intense testing to ensure it doesn't negatively impact anything else using the function, but from a front facing side of things it has s ofar not showed any negative effect in my tests.
</p>
Clorithhttp://core.trac.wordpress.org/ticket/27120
http://core.trac.wordpress.org/ticket/27120Report#39776: add priority argument to add_submenu_page() functionalexvorn2Fri, 03 Feb 2017 10:47:30 GMTWed, 18 Oct 2017 12:57:32 GMT<p>
Add option to add new sub-menu pages with specific order - adding priority number, so if we will have a bigger priority the menu will have higher position in sidebar admin menus.
</p>
alexvorn2http://core.trac.wordpress.org/ticket/39776
http://core.trac.wordpress.org/ticket/39776Report#42251: Cache not found values for sites and network lookups by IDflixos90Tue, 17 Oct 2017 16:01:14 GMTTue, 20 Mar 2018 17:46:02 GMT<p>
Currently when running <code>get_site( 12345 )</code> and no ID with that site exists, the result is not being cached. That means every subsequent lookup will still cause a DB query to be fired, which is unnecessary. The exact same applies to networks as well.
</p>
<p>
Let's make sure falsy lookups are still cached under the ID checked.
</p>
<p>
That also implies that upon creating a new site or network, its respective ID cache must be cleared to not longer receive the cached falsy result. This is already the case for sites anyway, for networks it's a bit more tricky because we don't have a real API for that. However, with a dev-note clarifying that, also given how "edge-case" multiple networks are, I think we're good making that change.
</p>
flixos90http://core.trac.wordpress.org/ticket/42251
http://core.trac.wordpress.org/ticket/42251Report#41333: Implement `wp_install_site()` and `wp_uninstall_site()`flixos90Fri, 14 Jul 2017 19:38:32 GMTTue, 22 May 2018 16:49:34 GMT<p>
As summarized in <a href="https://core.trac.wordpress.org/ticket/40364#comment:14">https://core.trac.wordpress.org/ticket/40364#comment:14</a>, we'd like to have solid functions for installing a site in a multisite network as well as uninstalling it.
</p>
<p>
These functions should only take care of the "site-level" part of things, like:
</p>
<ul><li>creating/dropping database tables
</li><li>populating options
</li><li>setting up initial content
</li></ul><p>
The idea is to only be required to call <code>wp_insert_site()</code> and then <code>wp_install_site()</code> to get a new site set up.
</p>
<p>
Before we start working on the two functions, we should discuss what exactly it needs to do. This will have to match what currently happens spread out between <code>wpmu_create_blog()</code> and another function it calls, <code>install_blog()</code>. We should aim to make this consistent and also think about ways to enhance these functions and the functions they use, for example by providing filters to adjust some of these defaults.
</p>
<p>
This will be a rather comprehensive task, so it does not necessarily need to go in at a similar time as the changes from <a class="assigned ticket" href="http://core.trac.wordpress.org/ticket/40364" title="#40364: enhancement: Improve site creation in multisite (assigned)">#40364</a>. We should probably even wait to start it until those changes have been completed. This ticket should just be on the horizon for now, I'd say.
</p>
flixos90http://core.trac.wordpress.org/ticket/41333
http://core.trac.wordpress.org/ticket/41333Report#43233: Network transientsspacedmonkeyTue, 06 Feb 2018 09:28:25 GMTTue, 20 Mar 2018 17:22:06 GMT<p>
Currently site (network) transients do not support multi network. For sites with object caching it stores the transient as a global and for sites without object caching, it stores it on the current networks options. This is a strange behavour, as object cached sites act very differet from none.
</p>
<p>
The behaviour should be the same on both types of site and how type of store a network transient should be better defined. Is it a global store or a network level store.
</p>
spacedmonkeyhttp://core.trac.wordpress.org/ticket/43233
http://core.trac.wordpress.org/ticket/43233Report#37181: Use metadata api in *_network_optionsspacedmonkeySun, 26 Jun 2016 12:44:04 GMTWed, 02 May 2018 22:57:38 GMT<p>
The network (site) options are stored in the database as sitemeta. The table is formatted as a meta table. However the CRUD of this data in get_network_option, update_network_option, add_network_option and delete_network_option doesn't use the metadata api. Using the metadata api has many advantages, such as filters and a more consistent caching api.
</p>
spacedmonkeyhttp://core.trac.wordpress.org/ticket/37181
http://core.trac.wordpress.org/ticket/37181Report#43598: site-options notoption only queried and never set in not multisite wordpress installsGrzegorz.JanoszkaWed, 21 Mar 2018 10:08:34 GMTSun, 15 Apr 2018 22:21:06 GMT<p>
We have notoptions mechanism that works well. WordPress core does also query $network_id:notoptions regardless of multiste. However, such option is set only in multisite installs. As a result, if you are not running multisite, you are only querying for $network_id:notoptions and you never set it. It beats the idea of notoptions - we read it, but we never set it - what's the point?
</p>
<p>
Possible solutions:
</p>
<ul><li>read $network_id:notoptions only in multisite installs
</li><li>set $network_id:notoptions also in not multisite installs
</li></ul>Grzegorz.Janoszkahttp://core.trac.wordpress.org/ticket/43598
http://core.trac.wordpress.org/ticket/43598Report#10483: Change post_name's length from 200 to 400elnurSat, 25 Jul 2009 06:31:52 GMTWed, 24 Jan 2018 06:58:51 GMT<p>
Hello, guys! Thank you very much for providing such a great piece of software! I love WordPress very much! :)
</p>
<p>
I use WordPress in Russian language and the URLs on my <a class="ext-link" href="http://www.ielnur.com"><span class="icon">​</span>blog</a> consist of Russian characters. There is a <a class="ext-link" href="http://www.ielnur.com/blog/2009/05/снова-бросить-курить-30-тидневное-испытание/"><span class="icon">​</span>post</a> with not such a long URL in Russian, but since it gets encoded to special characters it becomes too long to get fit into <code>post_name</code> field of <code>post</code> table.
</p>
<p>
I've found what code needs to be changed to increase the length. I make these changes every time a new version is released. I think it would be better to submit a patch here so that others people can benefit from it and I will not need to make those changes every release.
</p>
<p>
I'm attaching the patch to this ticket and asking you to apply it to the code.
</p>
<p>
Thank you very much again, guys! You do a great job! :)
</p>
<p>
Cheers,
Elnur
</p>
elnurhttp://core.trac.wordpress.org/ticket/10483
http://core.trac.wordpress.org/ticket/10483Report#15953: when category slug is changed, old uri also should redirect to new, as post uris doqdinarWed, 22 Dec 2010 18:51:10 GMTSat, 17 Mar 2018 18:33:03 GMT<p>
when category slug is changed, old uri also should redirect to new, as post uris do
</p>
qdinarhttp://core.trac.wordpress.org/ticket/15953
http://core.trac.wordpress.org/ticket/15953Report#38197: Update Pingback function To Add ReturndshanskeFri, 30 Sep 2016 11:07:47 GMTFri, 20 Apr 2018 17:53:46 GMT<p>
Related to <a class="reviewing ticket" href="http://core.trac.wordpress.org/ticket/36824" title="#36824: enhancement: do_all_pings function queries all posts (reviewing)">#36824</a>.
</p>
<p>
Updated to reflect focus on the return issue.
</p>
<p>
In <a class="reviewing ticket" href="http://core.trac.wordpress.org/ticket/36824" title="#36824: enhancement: do_all_pings function queries all posts (reviewing)">#36824</a>, the proposal was to improve performance of the do_all_pings function. Part of this involves the fact that if a pending trackback URL is sent a pingback successfully, it should not also send a trackback.
</p>
<p>
The function should also optionally return which URLs were successfully pinged or a WP_Error object in the event the sending fails, etc.
</p>
<p>
This would change the signature of the function but would allow for debugging, response to errors, as well as assist in optimizing the do_all_pings function.
</p>
<p>
The original proposal was to deprecate pingback because it includes $content, a parameter better retrieved from the post itself for purposes of integrity. However, that can be addressed in other ways.
</p>
dshanskehttp://core.trac.wordpress.org/ticket/38197
http://core.trac.wordpress.org/ticket/38197Report#43643: Properly document the `$page_hook` actionjohnbillionTue, 27 Mar 2018 11:58:19 GMTTue, 27 Mar 2018 12:01:57 GMT<p>
The <code>$page_hook</code> action lacks meaningful documentation. This is the only action in core that uses a completely dynamic hook name, which means it needs to be well documented to help developers who may wish to use it.
</p>
<p>
Most of the documentation from the <code>load-{$page_hook}</code> action immediately above it can be reused, and then the <code>@ignore</code> tag can be removed so the unnecessary private flag gets removed from the developer reference.
</p>
<p>
Refs:
</p>
<ul><li><a class="ext-link" href="https://developer.wordpress.org/reference/hooks/page_hook/"><span class="icon">​</span>https://developer.wordpress.org/reference/hooks/page_hook/</a>
</li><li><a class="ext-link" href="https://github.com/WordPress/wordpress-develop/blob/c8fa6497aa6dc6d8a65c3fa84b862df343db5981/src/wp-admin/admin.php#L233-L239"><span class="icon">​</span>https://github.com/WordPress/wordpress-develop/blob/c8fa6497aa6dc6d8a65c3fa84b862df343db5981/src/wp-admin/admin.php#L233-L239</a>
</li></ul>johnbillionhttp://core.trac.wordpress.org/ticket/43643
http://core.trac.wordpress.org/ticket/43643Report#17025: wp_list_authors() is not filterablekevinBSat, 02 Apr 2011 17:30:10 GMTWed, 28 Feb 2018 22:19:36 GMT<p>
The template function wp_list_authors() is not filterable. Plugins may use existing WP_Query hooks to filter some authors' posts out of the result set, making the unfiltered authors list invalid.
</p>
<p>
The corresponding patch adds query filter 'list_authors_query'
</p>
kevinBhttp://core.trac.wordpress.org/ticket/17025
http://core.trac.wordpress.org/ticket/17025Report#28112: bulk_edit_posts() function needs an action hookhelgathevikingSat, 03 May 2014 18:42:07 GMTWed, 28 Feb 2018 22:20:19 GMT<p>
Currently, the only method that I can find to save additional data in via bulk edit requires using an <code>.ajax()</code> call.
</p>
<p>
This could be avoided if <code>bulk_edit_posts()</code> had a simple action hook at the end before it returns it's results.
</p>
<pre class="wiki">do_action( 'bulk_edit_posts', $post_data );
return array( 'updated' =&gt; $updated, 'skipped' =&gt; $skipped, 'locked' =&gt; $locked );
</pre>helgathevikinghttp://core.trac.wordpress.org/ticket/28112
http://core.trac.wordpress.org/ticket/28112Report#37569: REST API: refresh expired noncesiseuldeThu, 04 Aug 2016 10:27:53 GMTThu, 23 Nov 2017 18:17:18 GMT<p>
<strong>Is there a reason to not refresh an expired nonce?</strong>
</p>
<p>
At the moment the API only refreshes nonces when it's given an unexpired nonce, so that the client can refresh it for future requests. When the nonce expired though, it will just error. The only thing a client can do then is to refresh the page, or get a new nonce some other way. Since a simple authenticated request is enough to get a new nonce elsewhere, I don't see why the API itself can't provide the client with a new one, so that the client can refresh its nonce, and repeat the request with the new nonce.
</p>
iseuldehttp://core.trac.wordpress.org/ticket/37569
http://core.trac.wordpress.org/ticket/37569Report#37000: Support for the SameSite cookie attributejohnbillionThu, 02 Jun 2016 13:31:13 GMTWed, 23 May 2018 15:42:42 GMT<p>
IETF's <a class="ext-link" href="https://tools.ietf.org/html/draft-west-first-party-cookies"><span class="icon">​</span>Same-site Cookies draft</a> was <a class="ext-link" href="https://www.chromestatus.com/feature/4672634709082112"><span class="icon">​</span>shipped in Chrome 51 and Opera 39</a>.
</p>
<p>
The SameSite cookie attribute instructs a browser not to send that cookie with cross-origin third-party requests (such as iframes, embedded images, and Ajax requests). This effectively mitigates CSRF attacks as, for example, the user will not be authenticated for a given third party URL that's being used in a CSRF attack.
</p>
<p>
More information on the SameSite attribute can be found here: <a class="ext-link" href="http://www.sjoerdlangkemper.nl/2016/04/14/preventing-csrf-with-samesite-cookie-attribute/"><span class="icon">​</span>http://www.sjoerdlangkemper.nl/2016/04/14/preventing-csrf-with-samesite-cookie-attribute/</a>
</p>
<p>
We should investigate whether setting the <code>SameSite=lax</code> attribute is of benefit to the <code>auth</code> and/or <code>logged_in</code> cookies in WordPress, and if so consider implementing it once the draft becomes an RFC.
</p>
<p>
PHP uses the <code>setcookie()</code> wrapper for setting cookies, which means that setting the SameSite attribute is not possible using that function, until such point that support for the attribute gets added. If WordPress were to implement the SameSite attribute, we'd need our own cookie handling function which constructs and sets the <code>Set-Cookie</code> header itself, and use it in place of <code>setcookie()</code> (side note: this may also be beneficial to unit testing).
</p>
johnbillionhttp://core.trac.wordpress.org/ticket/37000
http://core.trac.wordpress.org/ticket/37000Report#42669: Filter for terms list in admin tablesDaveFXThu, 23 Nov 2017 09:06:55 GMTWed, 29 Nov 2017 21:16:10 GMT<p>
While trying to customize the list of terms for a given post in the admin posts list table, I've found that there's no available filter for that.
</p>
<p>
Here I'm adding a patch adding a new filter to allow this customization.
</p>
DaveFXhttp://core.trac.wordpress.org/ticket/42669
http://core.trac.wordpress.org/ticket/42669Report#34281: Allow admins to send users a 'Reset Password' linkIpstenuTue, 13 Oct 2015 02:15:01 GMTMon, 15 Jan 2018 20:52:45 GMT<p>
Following <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/24633" title="#24633: enhancement: Allow admins to generate and send new passwords for users (closed: fixed)">#24633</a> and <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/34180" title="#34180: enhancement: Generate and Retrieve Password Reset Key Without Sorcery (closed: fixed)">#34180</a>
</p>
<p>
As Pippin said:
</p>
<blockquote class="citation">
<p>
it'd be really nice for admins to be able to manually generate a new password for user accounts and then automatically send that new password via email.
</p>
</blockquote>
<p>
As an extension of that, should we be able to easily send users a link to reset their passwords? It would greatly improve supporting communities. Instead of explaining "Go to domain.com/wp-admin/ and click on lost password and put in your info..." you can just press a button and send a link. Done.
</p>
<p>
I was able to make it a plugin but I'm epically failing at getting the ajax/js stuff to work right as a core patch :(
</p>
<p>
Screenshot: <a class="ext-link" href="https://cloudup.com/cWNmv6T0SXI"><span class="icon">​</span>https://cloudup.com/cWNmv6T0SXI</a>
Code: <a class="ext-link" href="https://cloudup.com/c2SpsmqXb14"><span class="icon">​</span>https://cloudup.com/c2SpsmqXb14</a>
</p>
<p>
This doesn't actually change the password or even force it. If you, as an admin, change the password of a user, they get an email anyway. This uses just emails them the reset link.
</p>
Ipstenuhttp://core.trac.wordpress.org/ticket/34281
http://core.trac.wordpress.org/ticket/34281Report#42549: Widgets: Allow gallery widget to display images from currently-queried singular post if no images selectedwestonruterTue, 14 Nov 2017 18:22:48 GMTWed, 22 Nov 2017 18:17:04 GMT<p>
In <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/42548" title="#42548: defect (bug): Widgets: Populate global $post with queried object on singular queries ... (closed: fixed)">#42548</a> (pending) a <code>[gallery]</code> placed inside of a Text widget will result in the attachments for a given post to be used in the gallery when the widget appears on a singular template. The same behavior could be allowed for the Gallery widget as well. If you add a gallery widget to a sidebar but don't add any images to it, the widget could conditionally show if it is being rendered on a singular template for a post that has image attachments.
</p>
westonruterhttp://core.trac.wordpress.org/ticket/42549
http://core.trac.wordpress.org/ticket/42549Report#42278: Speed up tests by using shared user fixturesFrank KleinThu, 19 Oct 2017 09:09:44 GMTWed, 03 Jan 2018 18:26:17 GMT<p>
There are a lot of tests that require user fixtures. These are then created, and afterwards deleted, as part of the test class set up and tear down methods.
</p>
<p>
These fixtures could all be reused between tests, if a user for every role in Core would be created in the database as part of the unit test setup process.
</p>
<p>
If we had that, all the tests that need for example a user with the <code>editor</code> role could just grab the existing user from the database, instead of creating this as a test fixture.
</p>
Frank Kleinhttp://core.trac.wordpress.org/ticket/42278
http://core.trac.wordpress.org/ticket/42278Report#39732: Allowing wp_update_comment() to return WP_Errorenrico.sorcinelliSun, 29 Jan 2017 09:52:52 GMTWed, 10 Jan 2018 21:17:45 GMT<p>
The new <code>wp_update_comment_data</code> filter introduced in 4.7 allows to filter comments data before it is updated in the database.
</p>
<p>
The patch aims to handle <code>WP_Error</code> as the filter above return value in a similar manner as is done for <code>wp_new_comment()</code>.
</p>
enrico.sorcinellihttp://core.trac.wordpress.org/ticket/39732
http://core.trac.wordpress.org/ticket/39732Report#17268: Use native gettext library when availablelinushoppeThu, 28 Apr 2011 11:32:30 GMTWed, 18 Oct 2017 13:44:11 GMT<p>
<a class="ext-link" href="http://codex.wordpress.org/Translating_WordPress"><span class="icon">​</span>Here</a> you say that the GNU gettext-Framework is used. Exactly, "pomo" (file: wp-includes/l10n.php) is a complete own php-implementation of the gettext-program.
</p>
<p>
I've added a patch to solve this problem. Maybe it is not very good, but it works. On my wordpress-sites, the used php-memory returns from about 65% to about 12% and the site is running much faster when patching wp-includes/l10n.php.
</p>
<p>
I know that gettext is not available on every wordpress-installation, but when it's available, it should be used.
</p>
<p>
Sorry for my bad english, I'm german.
</p>
linushoppehttp://core.trac.wordpress.org/ticket/17268
http://core.trac.wordpress.org/ticket/17268Report#38741: Introduce the concept of a large site in order to speed up the Users screen when there are many usersjohnbillionWed, 09 Nov 2016 23:13:24 GMTTue, 22 May 2018 16:04:13 GMT<p>
Given a single site install with a high number of users, the Users screen can become very slow due to the nasty query performed by <code>count_users()</code>. The result of this query is used to populate the count of users with each role in the role filtering links across the top.
</p>
<pre class="wiki">SELECT
COUNT(NULLIF(`meta_value` LIKE '%\"administrator\"%', false)),
COUNT(NULLIF(`meta_value` LIKE '%\"editor\"%', false)),
COUNT(NULLIF(`meta_value` LIKE '%\"author\"%', false)),
COUNT(NULLIF(`meta_value` LIKE '%\"contributor\"%', false)),
COUNT(NULLIF(`meta_value` LIKE '%\"subscriber\"%', false)),
COUNT(NULLIF(`meta_value` = 'a:0:{}', false)), COUNT(*)
FROM
wp_usermeta
WHERE
meta_key = 'wp_capabilities'
</pre><p>
On a site with tens of thousands of users, this SQL query can easily take tens of seconds.
</p>
<p>
Multisite has the concept of a large network (by default, one with &gt; 10,000 users or &gt; 10,000 sites), but single site doesn't have this concept.
</p>
<p>
The query performed by <code>count_users()</code> can be skipped entirely. If it is skipped, the list of roles will simply display all available roles and won't display a count next to each role. I think this is a completely acceptable trade-off for such a performance gain on sites with a high number of users.
</p>
johnbillionhttp://core.trac.wordpress.org/ticket/38741
http://core.trac.wordpress.org/ticket/38741Report#21402: Remove PHP4 methods, format consistentlywonderboymusicSat, 28 Jul 2012 06:24:33 GMTWed, 14 Mar 2018 20:17:32 GMT<p>
While I was looking around in cache.php, I noticed the TODO to remove the destructor that does nothing and the constructor that registers it to do nothing
</p>
<p>
Also, the whitespace was different for almost every function - yet the functions all have similar code, this cleans it up
</p>
wonderboymusichttp://core.trac.wordpress.org/ticket/21402
http://core.trac.wordpress.org/ticket/21402Report#4328: Redirect Old Slugs feature needs to redirect slugs for pages, not just posts, and redirect old permalink structureDenis-de-BernardyThu, 24 May 2007 01:52:44 GMTTue, 08 May 2018 21:04:52 GMT<p>
Create a page, browse to it, edit it, change its slug, WP redirects to the old page's slug and serves a 404. Wasn't WP 2.1 or WP 2.2 supposed to make the redirect old slug feature built-in?
</p>
<p>
Along the same lines, it would be sweet if instead of simply redirect old slugs, WP would redirect old urls. When the date changes, when the page parent changes, or when the permalink structure changes, the url changes but neither of WP, the redirect old slug plugin, the permalink redirect plugin, or anything else catches this.
</p>
Denis-de-Bernardyhttp://core.trac.wordpress.org/ticket/4328
http://core.trac.wordpress.org/ticket/4328Report#43826: get_post_galleries() should return gallery blockspentoSat, 21 Apr 2018 11:50:57 GMTSat, 21 Apr 2018 11:50:57 GMT<p>
Originally reported here: <a class="ext-link" href="https://github.com/WordPress/gutenberg/issues/5797"><span class="icon">​</span>https://github.com/WordPress/gutenberg/issues/5797</a>
</p>
<p>
Galleries in Gutenberg don't use the <code>[gallery]</code> shortcode, so aren't returned by <code>get_post_galleries()</code>. This function should check for gallery blocks, too.
</p>
pentohttp://core.trac.wordpress.org/ticket/43826
http://core.trac.wordpress.org/ticket/43826Report#17262: wp_get_attachment_thumb_file should check new 'thumbnail' image sizelonnylotWed, 27 Apr 2011 18:36:19 GMTMon, 07 May 2018 06:47:10 GMT<p>
The issue is that on line 3863 we always search for <code>$imagedata['thumb']</code> and it never exists. Instead we have <code>$imagedata['thumbnail']</code>. This always exists.
</p>
lonnylothttp://core.trac.wordpress.org/ticket/17262
http://core.trac.wordpress.org/ticket/17262Report#43941: Add default value to register metaspacedmonkeyWed, 02 May 2018 22:55:18 GMTMon, 14 May 2018 09:29:40 GMT<p>
Add a default value field to register meta. Meaning that if a metat value isn't set that is returns a default value. This bring the meta register api inline with register_setting, that already has a default value set.
</p>
spacedmonkeyhttp://core.trac.wordpress.org/ticket/43941
http://core.trac.wordpress.org/ticket/43941Report#38323: Reconsider $object_subtype handling in `register_meta()`flixos90Sun, 16 Oct 2016 14:24:35 GMTSat, 19 May 2018 20:42:46 GMT<p>
While <code>register_meta()</code> was originally planned to support object subtypes (e.g. post types in the case of post meta, taxonomies in the case of term meta), this feature was dropped in <a class="changeset" href="http://core.trac.wordpress.org/changeset/38095" title="Meta: Remove object subtype handling from `register_meta()`.
...">38095</a>, mainly because it needed further thought.
</p>
<p>
I think we should continue to think how we can implement this feature. Many plugins use meta in ways that are specific to a subtype, so it doesn't make sense for them to use <code>register_meta()</code> now because it would mean that for example some e-commerce plugin's product data would suddenly be exposed on any post type. The current implementation can also lead to conflicts very easily: Imagine one plugin registers an <code>email</code> meta key for a custom post type, and another plugin registers an <code>email</code> meta key for another post type, and the metadata has a different structure - such thing can raise several issues.
</p>
<p>
I really like the new enhanced way <code>register_meta()</code> works, but without subtype handling it is still useless for many occasions. Therefore let's continue work on that function.
</p>
flixos90http://core.trac.wordpress.org/ticket/38323
http://core.trac.wordpress.org/ticket/38323Report#44180: REST API: Expose 'preview_link' for viewable post typesdanielbachhuberMon, 21 May 2018 22:53:52 GMTMon, 21 May 2018 22:53:52 GMT<p>
To ensure clients have the correct "Preview" link to display, we should expose the post's <code>preview_link</code> through the REST API.
</p>
<p>
This value is generated by <code>get_preview_post_link()</code> which is filterable and thus subject to modification by third-party code.
</p>
<p>
From <a class="ext-link" href="https://github.com/WordPress/gutenberg/issues/4555"><span class="icon">​</span>https://github.com/WordPress/gutenberg/issues/4555</a>
</p>
danielbachhuberhttp://core.trac.wordpress.org/ticket/44180
http://core.trac.wordpress.org/ticket/44180Report#43998: REST API: Permit unbounded per_page=-1 requests for authorized usersdanielbachhuberMon, 07 May 2018 22:50:29 GMTWed, 23 May 2018 23:08:13 GMT<p>
Currently, the REST API limits <code>GET</code> collection queries (e.g. <code>GET /wp/v2/users</code>) to a <code>per_page</code> value between 1 and 100. The decision protects a WordPress site from a resource-exhaustion DOS attack; unbounded queries can cause significant performance problems.
</p>
<p>
However, this limit negatively impacts Gutenberg, because there are contexts in which Gutenberg needs access to <em>all</em> items (e.g. the author drop-down). Given the significant accessibility challenges in producing a lazy-load implementation, a reasonable alternative is to permit unbounded <code>per_page=-1</code> requests for authorized users. In this case, an authorized user can be defined as:
</p>
<pre class="wiki">$can_unbounded_request = false;
$types = get_post_types( array( 'show_in_rest' =&gt; true ), 'objects' );
foreach ( $types as $type ) {
if ( current_user_can( $type-&gt;cap-&gt;edit_posts ) ) {
$can_unbounded_request = true;
}
}
</pre><p>
See conversation in <a class="ext-link" href="https://github.com/WordPress/gutenberg/issues/6180"><span class="icon">​</span>https://github.com/WordPress/gutenberg/issues/6180</a> for the backstory.
</p>
danielbachhuberhttp://core.trac.wordpress.org/ticket/43998
http://core.trac.wordpress.org/ticket/43998Report#40510: REST API: Post Revisions: Adding support for paginationbenoitpersonFri, 21 Apr 2017 08:14:06 GMTMon, 02 Apr 2018 10:05:38 GMT<p>
The post revisions REST endpoint currently has no support for pagination. While it works well for most usages with fairly low counts of revisions (WordPress.com limits the number at 25 for instance), on posts with a revision count in the hundreds (or even thousands), this can quickly yield unreasonably large (Mb+ of pure text) and long (several seconds on my "test" instances) responses.
</p>
<p>
The API already supports pagination for a vast majority of ressources (posts, pages, categories, tags, users) and is normalised around using 2 integer parameters: <code>page</code> (default: <code>1</code>)and <code>per_page</code> (default: <code>10</code>).
</p>
<p>
I wonder if there is any reason why pagination was never implemented on that endpoint? Is it something potentially worth working on? Considering some of the past issues around high memory usage for the revisions page of wp-admin <a class="missing changeset" title="No changeset 0 in the repository">[0]</a><a class="changeset" href="http://core.trac.wordpress.org/changeset/1" title="New repository initialized by cvs2svn.">[1]</a>, it seems like getting a way to only load (for instance) the most recent revisions would be an interesting win to provide a smoother experience with revisions.
</p>
<p>
<a class="missing changeset" title="No changeset 0 in the repository">[0]</a> <a href="https://core.trac.wordpress.org/ticket/34560">https://core.trac.wordpress.org/ticket/34560</a>
<a class="changeset" href="http://core.trac.wordpress.org/changeset/1" title="New repository initialized by cvs2svn.">[1]</a> <a href="https://core.trac.wordpress.org/ticket/24958">https://core.trac.wordpress.org/ticket/24958</a>
</p>
<p>
PS: To provide some (more) context, there is an ongoing effort to support revisions in Calypso: <a class="ext-link" href="https://github.com/Automattic/wp-calypso/pull/12733"><span class="icon">​</span>https://github.com/Automattic/wp-calypso/pull/12733</a> from which this enhancement request emerged.
</p>
benoitpersonhttp://core.trac.wordpress.org/ticket/40510
http://core.trac.wordpress.org/ticket/40510Report#43316: REST API: Support autosaveskraftbjWed, 14 Feb 2018 15:13:59 GMTMon, 21 May 2018 13:08:28 GMT<p>
In looking at <a class="ext-link" href="https://github.com/WordPress/gutenberg/pull/4218"><span class="icon">​</span>https://github.com/WordPress/gutenberg/pull/4218</a> (a PR that, in part, deals with an issue of a _lot_ of autosave revisions out of Gutenberg, e.g. <a class="ext-link" href="https://github.com/WordPress/gutenberg/issues/3656"><span class="icon">​</span>https://github.com/WordPress/gutenberg/issues/3656</a> ), Gutenburg is looking at an admin-ajax.php approach using core JS APIs since the core REST API does not directly support autosaves.
</p>
<p>
Marking for WordPress 5.0 so it can be considered early in light of Gutenburg.
</p>
kraftbjhttp://core.trac.wordpress.org/ticket/43316
http://core.trac.wordpress.org/ticket/43316Report#42938: Avatar Blank SpaceMarius84Tue, 19 Dec 2017 14:32:16 GMTThu, 21 Dec 2017 03:05:27 GMT<p>
<strong>Wordpress</strong> --&gt; <strong>Settings</strong> --&gt; <strong>Discussion</strong> --&gt; <strong>Avatar Display</strong> --&gt; <strong>Uncheck Show Avatar option</strong>.
</p>
<p>
If I can choose not to show the avatar the blank space shouldn’t be there.
</p>
<p>
<strong>screenshot 1</strong>: <a class="ext-link" href="https://www.dropbox.com/s/3mj8fmsd3t9vycs/Screenshot%202017-12-19%2005.53.21.png?dl=0"><span class="icon">​</span>https://www.dropbox.com/s/3mj8fmsd3t9vycs/Screenshot%202017-12-19%2005.53.21.png?dl=0</a>
</p>
<p>
<strong>screenshot 2</strong>: <a class="ext-link" href="https://www.dropbox.com/s/1ip4fmozaub5nyw/Screenshot%202017-12-19%2013.49.19.png?dl=0"><span class="icon">​</span>https://www.dropbox.com/s/1ip4fmozaub5nyw/Screenshot%202017-12-19%2013.49.19.png?dl=0</a>
</p>
<p>
<strong>screenshot 3</strong>: <a class="ext-link" href="https://www.dropbox.com/s/9013zsym8v8gltc/Screenshot%202017-12-19%2013.58.09.png?dl=0"><span class="icon">​</span>https://www.dropbox.com/s/9013zsym8v8gltc/Screenshot%202017-12-19%2013.58.09.png?dl=0</a>
</p>
<p>
Also all themes will show on live website this "Blank Space Location On comment Area" if i deactivated the Avatar Display. If I can choose not to show the avatar the blank space location shouldn’t be there.
</p>
<p>
<a class="ext-link" href="https://wordpress.org/support/topic/wordpress-4-9-1-bug-2/"><span class="icon">​</span>https://wordpress.org/support/topic/wordpress-4-9-1-bug-2/</a>
</p>
Marius84http://core.trac.wordpress.org/ticket/42938
http://core.trac.wordpress.org/ticket/42938Report#42651: Code within a field description should not be italicjohnbillionTue, 21 Nov 2017 16:20:27 GMTThu, 11 Jan 2018 12:26:18 GMT<p>
Given some descriptive text in the admin area such as the following, the text within the <code>&lt;code&gt;</code> element appears in italic, but ideally it should not.
</p>
<pre class="wiki">&lt;p class="description"&gt;This is italic and so is &lt;code&gt;$this&lt;/code&gt;.&lt;/p&gt;
</pre><p>
Some CSS along the lines of <code>.description code { font-style: normal; }</code> should do the trick.
</p>
johnbillionhttp://core.trac.wordpress.org/ticket/42651
http://core.trac.wordpress.org/ticket/42651Report#40244: Inconsistent casing in the list table select filtersaferciaThu, 23 Mar 2017 18:17:01 GMTSat, 05 May 2018 09:46:55 GMT<p>
In the various admin screens with list tables (posts, pages, media, comments, users...) a toolbar on the top displays some <code>&lt;select&gt;</code> elements to filter the lists by different criteria.
</p>
<p>
The default option sometimes uses title casing, sometimes not. Using always the same casing would be an easy fix and a minor, but nice, UI enhancement.
</p>
<p>
Worth mentioning title casing is mainly an English thing. In many other languages just the first letter in a title or label is uppercase. This is a minor thing and probably can be handled by translations. However, while I'd generally agree to use title case for English titles and labels, I'm not sure it makes sense for the select options.
</p>
<p>
Some screenshots:
</p>
<p>
Posts screen: <code>All dates</code> and <code>All Categories</code> (see also <code>Bulk Actions)</code>
</p>
<p>
<a style="padding:0; border:none" href="https://cldup.com/KXQKxL6CwG.png"><img src="https://cldup.com/KXQKxL6CwG.png" alt="https://cldup.com/KXQKxL6CwG.png" crossorigin="anonymous" title="https://cldup.com/KXQKxL6CwG.png" /></a>
</p>
<p>
Media Library screen: <code>All media items</code> and <code>All dates</code>
</p>
<p>
<a style="padding:0; border:none" href="https://cldup.com/bYFVoEqabr.png"><img src="https://cldup.com/bYFVoEqabr.png" alt="https://cldup.com/bYFVoEqabr.png" crossorigin="anonymous" title="https://cldup.com/bYFVoEqabr.png" /></a>
</p>
<p>
Comments screen: <code>All comment types</code>
</p>
<p>
<a style="padding:0; border:none" href="https://cldup.com/cYY4EwHZjw.png"><img src="https://cldup.com/cYY4EwHZjw.png" alt="https://cldup.com/cYY4EwHZjw.png" crossorigin="anonymous" title="https://cldup.com/cYY4EwHZjw.png" /></a>
</p>
<p>
Users screen: <code>Change role to...</code>
</p>
<p>
<a style="padding:0; border:none" href="https://cldup.com/CgiL5MCx8X.png"><img src="https://cldup.com/CgiL5MCx8X.png" alt="https://cldup.com/CgiL5MCx8X.png" crossorigin="anonymous" title="https://cldup.com/CgiL5MCx8X.png" /></a>
</p>
<p>
Haven't checked the network screens, there are probably some other cases around.
</p>
<p>
Given most of them don't use title casing, I'd propose to standardise on this.
</p>
aferciahttp://core.trac.wordpress.org/ticket/40244
http://core.trac.wordpress.org/ticket/40244Report#42061: Add new utility function for checking if the current request is a REST API request.lots.0.logsMon, 02 Oct 2017 11:21:34 GMTSat, 14 Apr 2018 15:40:07 GMT<p>
This patch adds a new function: <code>wp_doing_rest()</code> and filter by the same name that work exactly like the current <code>wp_doing_ajax/cron()</code> functions but for Rest API requests.
</p>
lots.0.logshttp://core.trac.wordpress.org/ticket/42061
http://core.trac.wordpress.org/ticket/42061Report#12563: New action on body openjoostdevalkTue, 09 Mar 2010 08:33:46 GMTThu, 11 Jan 2018 22:21:44 GMT<p>
More and more asynchronous javascripts need a part of their javascript printed right after the opening &lt;body&gt; tag, the Google Analytics asynchronous tracking being my most obvious example. To allow for this themes should come with a new function in the same fashion as wp_head and wp_footer, to be called 'body_open'.
</p>
joostdevalkhttp://core.trac.wordpress.org/ticket/12563
http://core.trac.wordpress.org/ticket/12563Report#42158: Twenty Seventeen: RSS Social Icon MissingKimball31Mon, 09 Oct 2017 17:42:37 GMTThu, 08 Mar 2018 22:21:51 GMT<p>
The RSS icon was available in <a class="ext-link" href="https://wordpress.com/theme/twentysixteen"><span class="icon">​</span>https://wordpress.com/theme/twentysixteen</a> but is missing from <a class="ext-link" href="https://codex.wordpress.org/Twenty_Seventeen"><span class="icon">​</span>https://codex.wordpress.org/Twenty_Seventeen</a>. Using TwentySeventeen you will get a link/chain icon.
</p>
<p>
It looks like we only need to add 1) <code>'/feed' =&gt; 'rss',</code> to the $social_links_icons array, and 2) an RSS symbol to svg-icons.svg.
</p>
<p>
I have never contributed before, but I'm willing to add an RSS icon, if this is something you want.
</p>
Kimball31http://core.trac.wordpress.org/ticket/42158
http://core.trac.wordpress.org/ticket/42158Report#43587: UI adjustments to the Status box in the Edit Comment screenbirgireTue, 20 Mar 2018 15:41:04 GMTTue, 03 Apr 2018 14:30:10 GMT<p>
Related to <a class="new ticket" href="http://core.trac.wordpress.org/ticket/43586" title="#43586: enhancement: Minor UI adjustments to the Author box in the Edit Comment screen (new)">#43586</a>
</p>
<p>
Also few suggestions for the <em>Status</em> box in the<em> Edit Comment</em> screen:
</p>
<ul><li>Add an underline on the box title (like in meta-box headers).
</li><li>Change the box title from <em>Status</em> to <em>Save</em>.
</li><li>Use the familiar layout from the post <em>Publish</em> meta-box.
</li><li>Use the status layout from the post <em>Publish</em> meta-box. But maybe it's too many clicks?
</li><li>Use the status format icon (don't know if it's only used for post status?)
</li><li>Use the comments icon for the <code>In response to</code> row.
</li></ul><p>
Location example: /wp-admin/comment.php?action=editcomment&amp;c=123
</p>
birgirehttp://core.trac.wordpress.org/ticket/43587
http://core.trac.wordpress.org/ticket/43587Report#32656: Add hooks to allow hijacking cron implementationrmccueTue, 16 Jun 2015 05:22:13 GMTTue, 01 May 2018 02:04:50 GMT<p>
Right now, it's partially possible to hijack wp-cron via the <code>schedule_event</code> filter. However, there's a couple of problems with it.
</p>
<h3 id="CannotSkipDefaultBehaviour">Cannot Skip Default Behaviour</h3>
<p>
It's not possible to change the default behaviour of wp-cron safely. If you filter on <code>schedule_event</code> and return an empty value, the cron function (<code>wp_schedule_event</code> etc that was originally called) will return false immediately.
</p>
<p>
While this <em>does</em> cancel the default behaviour, it causes the function to return false rather than the default <code>null</code>. In well-written plugins, this will cause them to think the event wasn't scheduled or an error occurred.
</p>
<h3 id="InconsistentUsage">Inconsistent Usage</h3>
<p>
While <code>wp_schedule_event</code> and <code>wp_schedule_single_event</code> both call out to <code>schedule_event</code>, the other functions (<code>wp_reschedule_event</code>, <code>wp_unschedule_event</code>, <code>wp_clear_scheduled_hook</code>, <code>wp_next_scheduled</code>) don't. This means that you need to filter at a very low level (<code>pre_option_cron</code>) to be able to catch these, at which point you may be missing the data needed to work out what changed.
</p>
<h2 id="Proposal">Proposal</h2>
<p>
I'd like to introduce a few new hooks here:
</p>
<ul><li><code>pre_schedule_event</code> to run at the top of <code>wp_schedule_event</code> and <code>wp_schedule_single_event</code>
</li><li><code>pre_reschedule_event</code> to run at the top of <code>wp_reschedule_event</code>
</li><li><code>unschedule_event</code> to run at the top of <code>wp_unschedule_event</code>
</li><li><code>clear_scheduled_hook</code> to run at the top of <code>wp_clear_scheduled_hook</code>
</li><li><code>next_scheduled</code> to run at the top of <code>wp_next_scheduled</code>
</li></ul><p>
These would all take <code>false</code> as their first parameter/filterable value, and act in the same way as <code>pre_option_{$option}</code> -- that is, you can return a non-false value, and the function would return that immediately.
</p>
<p>
This would make the entire system pluggable, and allow swapping out the pseudo-cron for a real jobs system much more easily.
</p>
rmccuehttp://core.trac.wordpress.org/ticket/32656
http://core.trac.wordpress.org/ticket/32656Report#42558: Reduce the number of capability checks performed by the CustomizerjohnbillionWed, 15 Nov 2017 17:08:32 GMTSun, 19 Nov 2017 16:29:33 GMT<p>
On a vanilla installation of WordPress running the Twenty Seventeen theme, the Customizer performs over 400 user capability checks via <code>current_user_can()</code>.
</p>
<p>
The majority of these are duplicate checks performed for each customizer setting. This includes:
</p>
<ul><li>~140 calls to <code>current_user_can( 'customize' )</code>
</li><li>~220 calls to <code>current_user_can( 'edit_theme_options' )</code>
</li><li>~20 calls to <code>current_user_can( 'manage_options' )</code>
</li></ul><p>
The main offenders are:
</p>
<ul><li><code>WP_Customize_Manager-&gt;unsanitized_post_values()</code>
</li><li><code>WP_Customize_Setting-&gt;check_capabilities()</code>
</li><li><code>WP_Customize_Section-&gt;check_capabilities()</code>
</li><li><code>WP_Customize_Panel-&gt;check_capabilities()</code>
</li></ul><p>
Calls to <code>current_user_can()</code> are quite cheap, but they're certainly not free, especially on sites which have filters hooked onto the <code>map_meta_cap</code> and <code>user_has_cap</code> filters, and sites with extra Customizer controls registered.
</p>
<p>
With a static property cache in each of the <code>WP_Customize_Manager</code>, <code>WP_Customize_Section</code>, and <code>WP_Customize_Setting</code> classes, the 400 capability checks are reduced to fewer than 30.
</p>
<p>
Patch coming up soon, after some more testing.
</p>
johnbillionhttp://core.trac.wordpress.org/ticket/42558
http://core.trac.wordpress.org/ticket/42558Report#40807: Starter content: Allow for setting a "parent" for pages (and other hierarchical CPTs)webmandesignThu, 18 May 2017 19:47:56 GMTTue, 06 Mar 2018 08:44:16 GMT<p>
From what I can see in <a class="ext-link" href="https://developer.wordpress.org/reference/functions/get_theme_starter_content/"><span class="icon">​</span>get_theme_starter_content()</a> function, it only allows for specific fields to be set for posts: <code>post_type</code>, <code>post_title</code>, <code>post_excerpt</code>, <code>post_name</code>, <code>post_content</code>, <code>menu_order</code>, <code>comment_status</code>, <code>thumbnail</code> and <code>template</code>.
</p>
<p>
I would like to propose <strong>adding a <code>parent</code> field</strong> in there too for hierarchical post types, such as Pages.
</p>
<p>
That way we can also create child pages (or sub-pages) in starter content, such as:
</p>
<div class="wiki-code"><div class="code"><pre><span class="cp">&lt;?php</span>
<span class="nv">$starter_content</span> <span class="o">=</span> <span class="k">array</span><span class="p">(</span>
<span class="s1">'posts'</span> <span class="o">=&gt;</span> <span class="k">array</span><span class="p">(</span>
<span class="s1">'contact'</span> <span class="o">=&gt;</span> <span class="k">array</span><span class="p">(</span>
<span class="s1">'template'</span> <span class="o">=&gt;</span> <span class="s1">'page-templates/list-of-child-pages.php'</span><span class="p">,</span>
<span class="p">),</span>
<span class="s1">'contact-dublin'</span> <span class="o">=&gt;</span> <span class="k">array</span><span class="p">(</span>
<span class="s1">'post_type'</span> <span class="o">=&gt;</span> <span class="s1">'page'</span><span class="p">,</span>
<span class="s1">'post_title'</span> <span class="o">=&gt;</span> <span class="s1">'Dublin Office Contact'</span><span class="p">,</span>
<span class="s1">'post_content'</span> <span class="o">=&gt;</span> <span class="s1">'Page content here...'</span><span class="p">,</span>
<span class="s1">'parent'</span> <span class="o">=&gt;</span> <span class="s1">'{{contact}}'</span><span class="p">,</span> <span class="c1">// &lt;-- Here's the magic:
</span> <span class="c1">// Making this a child page of our "Contact" page.
</span> <span class="p">),</span>
<span class="p">),</span>
<span class="p">);</span>
</pre></div></div><p>
Thanks for consideration!
</p>
webmandesignhttp://core.trac.wordpress.org/ticket/40807
http://core.trac.wordpress.org/ticket/40807Report#42151: Create a filter to add information to query data saved when SAVEQUERIES is trueCrazyJacoSun, 08 Oct 2017 17:26:41 GMTWed, 14 Mar 2018 20:19:19 GMT<p>
When SAVEQUERIES is set to true in wp-config.php, an array gets created and all queries to the database get logged to that array with the query, elapsed time, and stack trace.
</p>
<p>
It would be nice if there was a filter here to add other elements to this array on a per query basis.
</p>
<p>
For instance, if I were using a plugin like ElasticPress, I would like to use this filter to add in a value that might say "Query served by ElasticPress" or something to that affect.
</p>
CrazyJacohttp://core.trac.wordpress.org/ticket/42151
http://core.trac.wordpress.org/ticket/42151Report#42645: Support passing version number to add_editor_style()danielbachhuberMon, 20 Nov 2017 23:11:26 GMTTue, 22 May 2018 07:48:52 GMT<p>
For automagically flushing browser cache, it would be helpful if <code>add_editor_style()</code> supported a version number argument.
</p>
danielbachhuberhttp://core.trac.wordpress.org/ticket/42645
http://core.trac.wordpress.org/ticket/42645Report#40245: Youtube embeds lack title attributemorriscountynjThu, 23 Mar 2017 20:34:06 GMTTue, 27 Mar 2018 17:22:16 GMT<p>
I use a service called Siteimprove to monitor for accessibility issues. They pointed out an issue -- when you embed a Youtube video via a link, the code comes out something like this
</p>
<pre class="wiki">&lt;iframe width="960" height="540" src="https://www.youtube.com/embed/iGddWyoWkyg?feature=oembed"
frameborder="0" allowfullscreen=""&gt;&lt;/iframe&gt;
</pre><p>
However, Siteimprove gives that an A-level error:
</p>
<p>
<strong>The iFrame is missing a description</strong>
The iFrame has no 'title' attribute or the 'title' attribute is empty.
Provide the frame with the attribute title=”” and add a description of the content in the title.
</p>
<p>
Is there any way to add a field to enter a title for the iframe?
</p>
<p>
See this page for an example: <a class="ext-link" href="http://accessibility.page.report/GBXGDGIFJJABIHIIAUFJ/106149/20912373122#automatic/4.1.2/13"><span class="icon">​</span>Example</a>
</p>
morriscountynjhttp://core.trac.wordpress.org/ticket/40245
http://core.trac.wordpress.org/ticket/40245Report#43860: Dead code in feed_links_extra()dmenardWed, 25 Apr 2018 17:34:26 GMTTue, 15 May 2018 05:17:54 GMT<p>
Probably a detail, but in <code>general-template.php</code>, function <a href="https://core.trac.wordpress.org/browser/trunk/src/wp-includes/general-template.php#L2799">feed_links_extra()</a> contains two <code>elseif</code> statements with the same condition <code>if ( is_post_type_archive() )</code>.
</p>
<p>
The second one can't be reached and can be considered as dead code.
</p>
dmenardhttp://core.trac.wordpress.org/ticket/43860
http://core.trac.wordpress.org/ticket/43860Report#33979: Add filter for 'post_gallery_item'lostmotionassemblyWed, 23 Sep 2015 17:22:47 GMTThu, 12 Apr 2018 14:03:02 GMT<p>
This would allow developers to customise the individual gallery items, without having to duplicate the entire gallery_shortcode() function to do so. This would make it quicker, easier to understand, and reduce the likelihood of the gallery shortcode functionality 'drifting' away from core. A sample use case would be wanting to add additional classes to the gallery item based on attachment meta (such as additional orientation options like 'square' or 'panorama').
</p>
lostmotionassemblyhttp://core.trac.wordpress.org/ticket/33979
http://core.trac.wordpress.org/ticket/33979Report#44171: Flushing the rewrite rules is "wrong" on the front-endazaozzMon, 21 May 2018 09:43:51 GMTMon, 21 May 2018 20:51:14 GMT<p>
Follow-up from <a class="assigned ticket" href="http://core.trac.wordpress.org/ticket/44142" title="#44142: defect (bug): Load Order: save_mod_rewrite_rules assumes wp-admin/includes/file.php ... (assigned)">#44142</a>.
</p>
<p>
"Flushing" these rules takes a lot of resources, writes to the db, and (usually) overwrites .htaccess. Because of that it should only be performed in wp-admin, especially in production. Add a <code>_doing_it_wrong()</code> notice so theme and plugin authors are aware if this.
</p>
azaozzhttp://core.trac.wordpress.org/ticket/44171
http://core.trac.wordpress.org/ticket/44171Report#23348: Add a "Contribute" tab to the about pagemt_suzetteThu, 31 Jan 2013 22:22:19 GMTMon, 21 May 2018 20:42:03 GMT<p>
The path to find out how to contribute is several levels deep in WordPress itself. Right now, you have to click on the W icon, then About WordPress, then the Credits tab, and then scroll down to the bottom of that page to see a micro link in the footer: Want to see your name in lights on this page? Get involved in WordPress.
</p>
<p>
Also, only Core Contributors are on this list so it gives a false promise of being listed on this page if you contribute which is not the case.
</p>
<p>
We discussed adding a link in #wordpress-sfd and everyone thought this would be a good idea so that more people could find out how to get started in contribution.
</p>
<p>
I am new to creating tickets so please let me know if there is any other information you need!
</p>
mt_suzettehttp://core.trac.wordpress.org/ticket/23348
http://core.trac.wordpress.org/ticket/23348Report#20491: Introduce some JavaScript i18n functionsjohnbillionThu, 19 Apr 2012 18:50:24 GMTFri, 13 Apr 2018 14:08:03 GMT<p>
There's JavaScript code dotted around core that handles i18n in JavaScript (for example, localised thousands separators in the pending comment count). We should bring this together into a wpL10n JavaScript library that can be reused by plugins.
</p>
<p>
I've done some work on this and I'll get a patch up in the next day or so.
</p>
johnbillionhttp://core.trac.wordpress.org/ticket/20491
http://core.trac.wordpress.org/ticket/20491Report#43829: [proposal] Add unit test for Japanese languageryotsunSun, 22 Apr 2018 10:58:35 GMTSat, 19 May 2018 16:01:05 GMT<p>
I propose to add unit test for Japanese language.<br />
It may help countries which have multi-byte characters like east asian countries.<br />
</p>
<p>
At the beginning, I added unit test for Japanese language referred from German's.<br />
After this is approved, I will also add more Japanese-specific unit test.
</p>
ryotsunhttp://core.trac.wordpress.org/ticket/43829
http://core.trac.wordpress.org/ticket/43829Report#43407: Make site_url filter aware of wp-login.php actionsjfarthing84Sat, 24 Feb 2018 16:41:11 GMTWed, 07 Mar 2018 08:51:02 GMT<p>
For instance, <code>wp_registration_url()</code> passes the action to <code>site_url()</code>:
</p>
<p>
<code>$registration_url = site_url( 'wp-login.php?action=register' );</code>
</p>
<p>
However, <code>wp_logout_url()</code> and <code>wp_lostpassword_url()</code> do not. Attaching a patch to fix this.
</p>
jfarthing84http://core.trac.wordpress.org/ticket/43407
http://core.trac.wordpress.org/ticket/43407Report#39110: Better error handling when email cannot be sent during password resetjohnbillionTue, 06 Dec 2016 15:44:59 GMTMon, 09 Oct 2017 20:25:06 GMT<p>
If an email cannot be sent during a password reset (due to server misconfiguration etc), this is potentially a blocker for the user. Currently the user is presented with the message:
</p>
<blockquote class="citation">
<p>
The email could not be sent.
Possible reason: your host may have disabled the mail() function.
</p>
</blockquote>
<p>
This is a dead end and there's no suggested next action for the user. There's a good chance that this is the first time the user has been made aware that their server is unable to send emails.
</p>
<p>
A few things could be done to make this situation less painful, or avoid arriving at this situation in the first place.
</p>
<ol><li>During installation, if the <code>New WordPress Site</code> email fails to send then a flag should be set which triggers a dismissable notification in the admin area stating that outgoing emails don't appear to be working, with a link to some documentation on the subject.
</li><li>During password reset, the <code>The email could not be sent</code> error message should be presented in a nicer format (possibly returning a <code>WP_Error</code> from <code>retrieve_password()</code> instead of triggering a <code>wp_die()</code>) and should have some more helpful information, including a link to external documentation.
</li></ol>johnbillionhttp://core.trac.wordpress.org/ticket/39110
http://core.trac.wordpress.org/ticket/39110Report#28407: You are unable to override the attachment name in wp_mail() when adding attachmentssyntaxartFri, 30 May 2014 16:15:50 GMTThu, 28 Dec 2017 11:58:28 GMT<p>
Hi,
</p>
<p>
When you create an email and add an attachment your may have obtained the attachment filepath using the file upload control. This means you will have a .tmp file extension on your email attachment. When the user receives the email, the attachment is not useful. In order to get the attachment to work correctly you need to first add the tmp filepath and then override the filename. PHPMailer allows you to do this with the AddAttachment function. The wordpress wp_mail function does not allow for this to happen.
</p>
<p>
The problem with wp_mail() in wp-includes/pluggable.php is at line 483
</p>
<pre class="wiki">if ( !empty( $attachments ) ) {
foreach ( $attachments as $attachment ) {
try {
$phpmailer-&gt;AddAttachment($attachment);
} catch ( phpmailerException $e ) {
continue;
}
}
}
</pre><p>
I overcame this problem by copying the function and then replacing the above block of code with
</p>
<pre class="wiki">if (!empty($attachments)) {
foreach ($attachments as $name =&gt; $attachment) {
try {
$phpmailer-&gt;AddAttachment($attachment, $name);
} catch (phpmailerException $e) {
continue;
}
}
}
</pre><p>
The wp_mail function is an important core function and in my opinion is best not to override.
</p>
<p>
Is it possible to enhance the wp_mail function for this. I have read forums on the internet which has pointed to the issue above. It would be good to offer some of the features which phpmailer is offering.
</p>
<p>
Thank you very much.
</p>
<p>
Ryan
</p>
syntaxarthttp://core.trac.wordpress.org/ticket/28407
http://core.trac.wordpress.org/ticket/28407Report#41612: "URL" field in Media Modal confusing for newer usersmelchoyceFri, 11 Aug 2017 15:27:52 GMTMon, 26 Feb 2018 16:26:26 GMT<p>
When testing the image widget recently, I found that many of the folks I tested with confused the image URL field with a place to add a link to their image. It says "URL," so people expect they can select and paste a URL into it. It's also is automatically focused when you select an image, which immediately draws some attention to it.
</p>
<p>
We could consider reorganizing this sidebar so that that the URL is placed either lower down, or in a different location, and have something like “Title” first. We could also, at the very least, consider updating the Image URL label, maybe even just from “URL” to “Image URL?”
</p>
melchoycehttp://core.trac.wordpress.org/ticket/41612
http://core.trac.wordpress.org/ticket/41612Report#39667: Improve showing metadata in media viewPresskoppMon, 23 Jan 2017 04:17:01 GMTSun, 18 Feb 2018 13:00:01 GMT<p>
I'd like to see units after numbers here, see screenshot.
</p>
<p>
This is the view you get after clicking a video in media gallery (Attachment Details) and then click on "Edit more details"
</p>
Presskopphttp://core.trac.wordpress.org/ticket/39667
http://core.trac.wordpress.org/ticket/39667Report#39963: MIME Alias HandlingblobfolioFri, 24 Feb 2017 19:47:12 GMTFri, 10 Nov 2017 22:43:54 GMT<p>
WordPress currently only supports a single MIME type for a given extension. This is good enough in many cases, but begins to cause problems like <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/39550" title="#39550: defect (bug): Some Non-image files fail to upload after 4.7.1 (closed: fixed)">#39550</a> when a library references an alternative MIME type (like audio/mpeg vs audio/mp3).
</p>
<p>
We probably don't want to introduce changes to the basic MIME functions as that could have crazy-far-reaching consequences, but we could add a <code>wp_check_mime_alias($filename, $mime, $allowed_mimes)</code> function, and query it in places where validation-by-MIME is happening.
</p>
<p>
This would require a comprehensive collection of MIMEs, past, present, vernacular, etc. I am actually already maintaining such a database for another PHP library that combines results from Nginx, Apache, freedesktop.org, and IANA. So let's start from the assumption that the necessary data already exists for retrieving all possible MIME types for a given extension.
</p>
<p>
I can whip up a patch with the added functionality, but wanted to first get some feedback on where/how the data should be incorporated (it is a rather big list, a PHP array would go on for miles.. I'm keeping it in a JSON file currently), and what existing areas might need to plug into that.
</p>
<p>
@joemcgill, do you have any initial thoughts?
</p>
blobfoliohttp://core.trac.wordpress.org/ticket/39963
http://core.trac.wordpress.org/ticket/39963Report#42017: Parse the creation date out of uploaded audio filesdesrosjThu, 28 Sep 2017 03:31:18 GMTThu, 22 Mar 2018 19:55:53 GMT<p>
This is a companion ticket to <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/35218" title="#35218: enhancement: Parse the creation date out of uploaded videos (closed: fixed)">#35218</a> which adds parsing for the creation date out of uploaded video files, and will introduce <code>wp_get_media_creation_timestamp()</code>.
</p>
<p>
The same should be done for audio files using the same function.
</p>
desrosjhttp://core.trac.wordpress.org/ticket/42017
http://core.trac.wordpress.org/ticket/42017Report#43290: Add rel="noopener" to target="_blank" links by default in menu walkeraudrasjbSun, 11 Feb 2018 21:30:09 GMTThu, 15 Mar 2018 07:38:54 GMT<p>
WordPress core previously introduced <code>rel="noopener"</code> attribute to <code>target="_blank"</code> links –which is fine– but I think menu items should also add this attribute to target-blank links.
</p>
<p>
I know there is already an optional "Link Relationship (XFN)" text input but 1) It's optional and tricky for unexperimented users ; 2) I think we should add rel="noopener" attribute by default when "Open link in a new tab" option is checked and "Link Relationship (XFN)" input is empty.
</p>
<p>
Related: <a class="assigned ticket" href="http://core.trac.wordpress.org/ticket/43280" title="#43280: defect (bug): Add rel=&#34;noopener&#34; to target=&#34;_blank&#34; links by default in image widget (assigned)">#43280</a> , <a class="assigned ticket" href="http://core.trac.wordpress.org/ticket/37941" title="#37941: enhancement: add rel=&#34;noopener noreferrer&#34; to any target=&#34;_blank&#34; (assigned)">#37941</a>
</p>
audrasjbhttp://core.trac.wordpress.org/ticket/43290
http://core.trac.wordpress.org/ticket/43290Report#42596: Remove extra space in menus post body contentShital PatelFri, 17 Nov 2017 08:14:34 GMTMon, 27 Nov 2017 15:02:35 GMTShital Patelhttp://core.trac.wordpress.org/ticket/42596
http://core.trac.wordpress.org/ticket/42596Report#41146: Add filter for a site's class (WP_MS_Users_List_Table)kraftbjSat, 24 Jun 2017 03:37:27 GMTFri, 17 Nov 2017 22:37:37 GMT<p>
In the <code>WP_MS_Users_List_Table</code>, each site that is listed is <code>span</code>'d with a class of <code>site-#</code> where <code>#</code> is the ID of the network for a site.
</p>
<p>
Adding a filter to this class would allow site administrators to add addition classes to this output which would easily allow for styling of site items based on the additional classes.
</p>
kraftbjhttp://core.trac.wordpress.org/ticket/41146
http://core.trac.wordpress.org/ticket/41146Report#42135: Add filter to disable email sent by wp-admin/network/site-new.phpjohnbillionSat, 07 Oct 2017 14:33:33 GMTMon, 08 Jan 2018 16:15:13 GMT<p>
Related: <a class="reviewing ticket" href="http://core.trac.wordpress.org/ticket/42134" title="#42134: enhancement: Add filter to emails sent by wp-admin/network/site-new.php (reviewing)">#42134</a>
</p>
<p>
<code>wp-admin/network/site-new.php</code> contains a call to <code>wp_mail()</code> which sends an email when a new site is created from Network Admin -&gt; Sites -&gt; Add New on Multisite. (<a href="https://core.trac.wordpress.org/browser/tags/4.8.2/src/wp-admin/network/site-new.php?marks=137-159#L136">Ref</a>).
</p>
<p>
It's not possible to disable the email via a filter. One should be implemented similarly to the <code>send_password_change_email </code> filter. (<a href="https://core.trac.wordpress.org/browser/tags/4.8.2/src/wp-includes/user.php?marks=1772-1784#L1766">Ref</a>).
</p>
johnbillionhttp://core.trac.wordpress.org/ticket/42135
http://core.trac.wordpress.org/ticket/42135Report#42134: Add filter to emails sent by wp-admin/network/site-new.phpjohnbillionSat, 07 Oct 2017 14:30:16 GMTMon, 27 Nov 2017 18:20:38 GMT<p>
<code>wp-admin/network/site-new.php</code> contains a call to <code>wp_mail()</code> which sends an email when a new site is created from Network Admin -&gt; Sites -&gt; Add New on Multisite. (<a href="https://core.trac.wordpress.org/browser/tags/4.8.2/src/wp-admin/network/site-new.php?marks=137-159#L136">Ref</a>).
</p>
<p>
The contents of the email cannot be filtered. The recipient, subject, message, and headers should be passed through a filter in the same format as the <code>password_change_email </code> filter. (<a href="https://core.trac.wordpress.org/browser/tags/4.8.2/src/wp-includes/user.php?marks=1842-1864#L1818">Ref</a>).
</p>
johnbillionhttp://core.trac.wordpress.org/ticket/42134
http://core.trac.wordpress.org/ticket/42134Report#43594: Document $blogname, $blog_title, $errors, $domain, $path global in validate_another_blog_signup()mukesh27Wed, 21 Mar 2018 08:46:08 GMTThu, 22 Mar 2018 16:49:59 GMT<p>
global $blogname, $blog_title, $errors, $domain, $path are used but it is not mentioned in the documentation of the validate_another_blog_signup() function.
</p>
mukesh27http://core.trac.wordpress.org/ticket/43594
http://core.trac.wordpress.org/ticket/43594Report#40364: Improve site creation in multisitejeremyfeltWed, 05 Apr 2017 00:18:00 GMTTue, 22 May 2018 17:40:23 GMT<p>
<code>wpmu_create_blog()</code> is responsible for a lot. It uses <code>insert_blog()</code>, <code>install_blog()</code>, <code>wp_install_defaults()</code> and many other things to accomplish the task of creating a site.
</p>
<p>
We should go through this process and determine what kind of improvements can be made as part of <code>wpmu_create_blog()</code> or in a new <code>wp_create_site()</code>/<code>wp_insert_site()</code> function that is more in tune with the objectives of site creation through the REST API. See <a class="new ticket" href="http://core.trac.wordpress.org/ticket/40365" title="#40365: task (blessed): Introduce a REST API endpoint for sites (new)">#40365</a>.
</p>
jeremyfelthttp://core.trac.wordpress.org/ticket/40364
http://core.trac.wordpress.org/ticket/40364Report#40180: Introduce `get_site_by()` function for multisiteflixos90Fri, 17 Mar 2017 10:54:31 GMTMon, 20 Nov 2017 18:59:57 GMT<p>
As @stephdau mentioned on <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/40064" title="#40064: enhancement: Deprecate `get_blog_details()` (closed: maybelater)">#40064</a>, the new <code>get_site()</code> function from 4.6 is not a direct replacement for <code>get_blog_details()</code> which we are planning to deprecate.
</p>
<p>
Therefore I think it makes sense to introduce a function <code>get_site_by()</code> that is basically a wrapper for a <code>WP_Site_Query</code> (with <code>LIMIT 1</code>), and then runs <code>array_shift()</code> to only return the first result. This function would then become the direct replacement that people who previously relied on <code>get_blog_details()</code> with something other than an ID could use.
</p>
<p>
Parameter-wise, we should probably adjust it a little bit to match things like <code>get_term_by()</code>, which also makes the way that function works more explicit.
</p>
flixos90http://core.trac.wordpress.org/ticket/40180
http://core.trac.wordpress.org/ticket/40180Report#42091: Use get_site_by() in get_id_from_blogname()jeremyfeltWed, 04 Oct 2017 18:13:10 GMTMon, 27 Nov 2017 18:14:51 GMT<p>
The introduction of <code>get_site_by()</code> (see <a class="assigned ticket" href="http://core.trac.wordpress.org/ticket/40180" title="#40180: enhancement: Introduce `get_site_by()` function for multisite (assigned)">#40180</a>) gives us the opportunity to clean up some similar code.
</p>
jeremyfelthttp://core.trac.wordpress.org/ticket/42091
http://core.trac.wordpress.org/ticket/42091Report#40228: Use get_sites in get_blog_detailsspacedmonkeyWed, 22 Mar 2017 05:35:18 GMTMon, 20 Nov 2017 18:59:58 GMT<p>
Currently get_blog_details performs raw sql queries to get data out of the blogs tables. This data is then cached. However how the caching is done in the function is horrible. It generates three different caches that store the whole wp_site object in cache.
</p>
<div class="wiki-code"><div class="code"><pre><span class="x">wp_cache_delete( $blog_id , 'blog-details' );
wp_cache_delete( $blog_id . 'short' , 'blog-details' );
wp_cache_delete( $domain_path_key, 'blog-lookup' );
</span></pre></div></div><p>
This function should be refactor to use get_sites and relay on the caching built into wp_site_query
</p>
spacedmonkeyhttp://core.trac.wordpress.org/ticket/40228
http://core.trac.wordpress.org/ticket/40228Report#42252: Use more granular caching for common queries in `WP_Site_Query`flixos90Tue, 17 Oct 2017 17:29:08 GMTTue, 15 May 2018 16:23:41 GMT<p>
The new function <code>get_site_by()</code> that should serve as a modern replacement for <code>get_blog_details()</code> ended up not making it into 4.9, because it had several drawbacks of the latter related to caching, particularly caused by the caches used in <code>WP_Site_Query</code> being invalidated on any update to any site, which makes caching almost useless in a very big and active setup.
</p>
<p>
Better handling of caching specific queries that are common should be explored, particularly for queries which can be invalidated only by invalidating the caches for a specific site instead of relying on the aggressively invalidated <code>last_changed</code>. Let's look at how some of the old caches like <code>blog-lookup</code> or <code>blog-id-cache</code> work, and apply that to the modern behavior of <code>WP_Site_Query</code>.
</p>
<p>
While mentioning <code>get_site_by()</code> above, the changes should preferably be made to <code>WP_Site_Query</code> to benefit any other multisite area making such queries as well.
</p>
flixos90http://core.trac.wordpress.org/ticket/42252
http://core.trac.wordpress.org/ticket/42252Report#37231: Allow heading level to be specified when calling `do_meta_boxes()`jdgrimesWed, 29 Jun 2016 15:41:25 GMTThu, 08 Mar 2018 04:02:14 GMT<p>
In <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/33557" title="#33557: defect (bug): #a11y-headings - Post Meta Boxes H3 to H2 (closed: fixed)">#33557</a> the <code>do_meta_boxes()</code> function <a href="https://core.trac.wordpress.org/changeset/35128#file3">was updated</a> to use <code>h2</code> headings instead of <code>h3</code>, for better accessibility for the post meta boxes. However, plugins use meta boxes on a variety of different admin screens with different structures, with the result that the correct heading level will vary from one group of meta boxes to the next. I propose that we introduce a new <code>$heading_level</code> parameter to the <code>do_meta_boxes()</code> function. That will let the heading level be specified for each group of meta boxes independently, resulting in improved document structure of plugin admin screens and thus better accessibility.
</p>
<p>
The only thing that will need to be considered is that the CSS styles currently probably only apply to <code>h2</code> and <code>h3</code> (back-compat) meta box headings. I'd need them to also work with <code>h4</code> headings as well. I'm not sure if any JS would be affected, but I figure that most JS will be using classes to identify meta box headers.
</p>
jdgrimeshttp://core.trac.wordpress.org/ticket/37231
http://core.trac.wordpress.org/ticket/37231Report#43559: wp_ajax_add_meta() does not allow empty valuescharlestonswThu, 15 Mar 2018 13:55:44 GMTSun, 15 Apr 2018 20:32:49 GMT<p>
Users should be allowed to set post meta keys to an empty string.
</p>
<p>
With custom post types there are many ways to use the custom meta data. In one of my use cases I use the meta values to drive a remote application. The REST API sends back a JSON response. If a key is present in the response it sets the corresponding value in the remote app.
</p>
<p>
Having the ability to send back a key with an EMPTY STRING value is critical for writing simple reactive applications (Vue , React, etc.) that call upon the WordPress REST API without having to craft a completely custom solution.
</p>
<p>
I am trying to use a standard WP REST endpoint to fetch a custom post type. Without the ability to set a custom post type "custom field" to an empty string I am going to have to write a custom post type so a user can enter something crazy like &amp;nbsp; into that field , catch that, and then convert it to <em> before sending to the remote app. That is a bad hack -- when doing HTML/CSS values back to the remote app a user might actually WANT &amp;nbsp; in the output.
</em></p>
<p>
Why are <em> values being rejected in WP Posts custom meta in the first place?
</em></p>
<p>
IMO this should be removed from \wp_ajax_add_meta() in wp-admin/includes/ajax-actions.php
</p>
<pre class="wiki"> if ( '' == trim($key) )
wp_die( __( 'Please provide a custom field name.' ) );
</pre><p>
Or at least add a filter/hook so this default behavior can be mitigated:
</p>
<pre class="wiki"> if ( apply_filters( 'wp_reject_meta_values' , '' , $pid ) == trim($key) )
wp_die( __( 'Please provide a custom field name.' ) );
</pre><p>
Even better - allow users to provide an array of values to reject:
</p>
<pre class="wiki"> $rejected_values = (array) apply_filters( 'wp_reject_meta_values' , '' , $pid );
if ( in_array( trim( $key ) , $rejected_values ) )
wp_die( __( 'Please provide a custom field name.' ) );
</pre>charlestonswhttp://core.trac.wordpress.org/ticket/43559
http://core.trac.wordpress.org/ticket/43559Report#21112: Add pre_wp_unique_post_slug to override post slug handlingcoffee2codeFri, 29 Jun 2012 14:38:32 GMTThu, 19 Apr 2018 01:13:47 GMT<p>
As originally <a class="ext-link" href="http://core.trac.wordpress.org/ticket/20480#comment:4"><span class="icon">​</span>proposed</a> in the comments of <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/20480" title="#20480: defect (bug): Can't access original slug with wp_unique_post_slug filter (closed: fixed)">#20480</a> (and in fact further back in a <a class="ext-link" href="http://core.trac.wordpress.org/ticket/14111#comment:4"><span class="icon">​</span>comment</a> for <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/14111" title="#14111: enhancement: wp_unique_post_slug() doesn't have a filter (closed: fixed)">#14111</a>), a <code>pre_wp_unique_post_slug</code> filter early in <code>wp_unique_post_slug()</code>could be useful and justified for some use cases rather than relying on the existing and late-firing <code>wp_unique_post_slug</code> filter for a couple reasons:
</p>
<ul><li><code>wp_unique_post_slug()</code> (and thus this new filter) is not high use, so won't impact performance
</li><li><code>wp_unique_post_slug()</code> performs database queries (perhaps repeatedly until a unique slug is found), fires other filters, etc, all of which may be rendered moot if a hooking function's intent is to fully implement its own slug generation/handling logic. The pre slug could short-circuit that unnecessary effort.
</li></ul><p>
The attached patch introduces the new filter in addition to adding related phpDocs.
</p>
coffee2codehttp://core.trac.wordpress.org/ticket/21112
http://core.trac.wordpress.org/ticket/21112Report#43632: Add a musical note symbol to Hello Dolly lyricsSergeyBiryukovSun, 25 Mar 2018 22:02:16 GMTMon, 21 May 2018 20:42:03 GMT<p>
Background: <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/43555" title="#43555: enhancement: Keep Hello Dolly from displaying sexist text in the admin (closed: fixed)">#43555</a>
</p>
<p>
Originally suggested by @TJNowell in <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/43555#comment:30" title="Comment 30 for #43555: enhancement: Keep Hello Dolly from displaying sexist text in the admin (closed: fixed)">comment:30:ticket:43555</a>:
</p>
<blockquote class="citation">
<p>
Would it make sense to add a musical note symbol to clarify that it is indeed lyrics? Perhaps turn it into a link to the full Hello Dolly lyrics so it has some context?
</p>
</blockquote>
<p>
Even without a link, a note symbol seems like an easy improvement adding some sort of context. See the screenshot with <a class="ext-link" href="http://www.fileformat.info/info/unicode/char/266B/index.htm"><span class="icon">​</span>beamed eighth notes</a> (<code>&amp;#9835;</code>).
</p>
SergeyBiryukovhttp://core.trac.wordpress.org/ticket/43632
http://core.trac.wordpress.org/ticket/43632Report#41346: Introduce a hook for individual plugin loadedRarstMon, 17 Jul 2017 16:16:36 GMTFri, 27 Apr 2018 17:11:28 GMT<p>
The current plugin load during core boot is essentially a series of <code>include</code> firing:
</p>
<div class="wiki-code"><div class="code"><pre><span class="x">// Load active plugins.
foreach ( wp_get_active_and_valid_plugins() as $plugin ) {
wp_register_plugin_realpath( $plugin );
include_once( $plugin );
}
unset( $plugin );
</span></pre></div></div><p>
Currently it is <em>exceptionally</em> hard to fire off arbitrary code between these includes. The closest I got over years is the following code, which I consider highly unstable: <a class="ext-link" href="https://gist.github.com/Rarst/c32575ffc26df59a45c0"><span class="icon">​</span>https://gist.github.com/Rarst/c32575ffc26df59a45c0</a>
</p>
<p>
Distinguishing between load events of individual plugins is highly desirable for performance troubleshooting. In current state it is defacto impossible to troubleshoot with PHP code, requiring manual toggling of plugins or low level PHP profiler set up.
</p>
<p>
Adding individual plugin load event will make it <strong>much</strong> easier to profile and diagnose performance issues at this load stage.
</p>
<p>
Can be as simple as:
</p>
<div class="wiki-code"><div class="code"><pre><span class="x"> include_once( $plugin );
do_action( 'plugin_loaded', $plugin );
</span></pre></div></div>Rarsthttp://core.trac.wordpress.org/ticket/41346
http://core.trac.wordpress.org/ticket/41346Report#43817: REST API: Include 'formats' attribute on Post Type resourcepentoFri, 20 Apr 2018 04:52:40 GMTMon, 23 Apr 2018 06:59:34 GMT<p>
We need to know which post formats we can display when editing a post in Gutenberg.
</p>
<p>
While supported post formats are technically a theme setting, not a post type setting, post type is the closest matching resource that we make available.
</p>
<p>
See: <a class="ext-link" href="https://github.com/WordPress/gutenberg/pull/6301"><span class="icon">​</span>https://github.com/WordPress/gutenberg/pull/6301</a>
</p>
pentohttp://core.trac.wordpress.org/ticket/43817
http://core.trac.wordpress.org/ticket/43817Report#40413: Handle `register_post_type` support's arrayMaximeCuleaTue, 11 Apr 2017 10:54:38 GMTTue, 12 Dec 2017 09:56:03 GMT<p>
When registering a post_type's support with the <code>add_post_type_support()</code> function, it's possible to pass "extra" args to the support, because of the <code>func_num_args</code> which will check if there is a third arg.
</p>
<p>
While when using <code>register_post_type()</code>, you can't pass any extra args to a support, because it will be stripped by how WP_Post_Type-&gt;add_supports <a class="ext-link" href="https://github.com/WordPress/WordPress/blob/master/wp-includes/class-wp-post-type.php#L549"><span class="icon">​</span>works</a>.
</p>
MaximeCuleahttp://core.trac.wordpress.org/ticket/40413
http://core.trac.wordpress.org/ticket/40413Report#43638: Introducing 'sanitize_post' filterenrico.sorcinelliMon, 26 Mar 2018 21:04:00 GMTWed, 02 May 2018 18:43:54 GMT<p>
I was trying to do a post field sanitization on new post insertions that depended on the value of another field.
</p>
<p>
While it quite easy in administration context, using for example <code>pre_{$field}</code> or <code>{$field_no_prefix}_save_pre</code> filters in conjunction to <code>$_POST</code> and so on, it seems that there's no direct way using <code>wp_insert_post</code> since the filters above do not have references to the other fields or to the ID of the post (which is also useless in the case of new posts) but only refers to the value to be sanitized.
</p>
<p>
So this enhancement aims to introduce new <code>sanitize_post</code> filter.
</p>
<p>
PS: Of course I could sanitize values directly in <code>wp_insert_post</code> but only assuming I have control of the code or at the cost of duplicate the sanitization in each <code>wp_insert_post</code> calls.
￼
</p>
enrico.sorcinellihttp://core.trac.wordpress.org/ticket/43638
http://core.trac.wordpress.org/ticket/43638Report#43446: `meta_compare_key` should support more operators than `LIKE` and `=`boonebgorgesThu, 01 Mar 2018 04:12:01 GMTSat, 10 Mar 2018 17:28:31 GMT<p>
<code>meta_compare_key</code> was introduced in <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/42409" title="#42409: enhancement: Add LIKE support to meta_key comparisons in WP_Meta_Query (closed: fixed)">#42409</a>. The default is <code>=</code> and it also supports <code>LIKE</code>. It could potentially support more options.
</p>
<p>
See <a href="https://core.trac.wordpress.org/ticket/42409#comment:4">https://core.trac.wordpress.org/ticket/42409#comment:4</a> and especially <a href="https://core.trac.wordpress.org/ticket/42409#comment:13">https://core.trac.wordpress.org/ticket/42409#comment:13</a> for some important considerations.
</p>
boonebgorgeshttp://core.trac.wordpress.org/ticket/43446
http://core.trac.wordpress.org/ticket/43446Report#43887: Expose Gutenberg Data Format version in the REST APIdanielbachhuberFri, 27 Apr 2018 22:45:07 GMTSat, 28 Apr 2018 14:26:21 GMT<p>
From <a class="ext-link" href="https://github.com/WordPress/gutenberg/issues/6435"><span class="icon">​</span>https://github.com/WordPress/gutenberg/issues/6435</a>
</p>
<blockquote class="citation">
<p>
More advanced REST API consumers will want to switch how they handle post_content depending on whether the content contains blocks or not, and (in the future) will likely want to switch based on which version of the block format it contains.
</p>
<p>
Rather than requiring consumers to duplicate how Gutenberg determines whether to parse blocks or not, we can expose the same information in post objects returned by the REST API.
</p>
<p>
Currently, it would return:
</p>
<ul><li><code>0</code>: The <code>post_content</code> does not contain blocks, it can be treated as classic content.
</li><li><code>1</code>: The <code>post_content</code> contains blocks, it should be treated appropriately.
</li></ul><p>
If the block format has back compat breaking changes in the future, we can increment this value as needed.
</p>
<p>
For an immediate practical use, this would be useful for the WordPress mobile apps to decide how to handle the <code>post_content</code>: <a class="ext-link" href="https://github.com/wordpress-mobile/WordPress-iOS/pull/9194"><span class="icon">​</span>https://github.com/wordpress-mobile/WordPress-iOS/pull/9194</a>
</p>
</blockquote>
danielbachhuberhttp://core.trac.wordpress.org/ticket/43887
http://core.trac.wordpress.org/ticket/43887Report#43757: `WP_REST_Attachments_Controller` includes entire admin includes for a few utility functionslonelyveganFri, 13 Apr 2018 10:33:15 GMTMon, 16 Apr 2018 01:06:09 GMT<p>
Looks like <a href="https://core.trac.wordpress.org/browser/trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php">https://core.trac.wordpress.org/browser/trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php</a> uses only a few admin function (<code>wp_handle_upload</code>, <code>wp_generate_attachment_metadata</code>, <code>wp_tempnam</code>, and <code>wp_handle_sideload</code>) but it's requiring the entire <code>admin.php</code> include.
</p>
<p>
It seems we could just require <code>file.php</code> and <code>image.php</code> from the admin directly instead.
</p>
lonelyveganhttp://core.trac.wordpress.org/ticket/43757
http://core.trac.wordpress.org/ticket/43757Report#43677: Update doc and return type for save_mod_rewrite_rulessebastian.pisulaMon, 02 Apr 2018 21:11:17 GMTMon, 02 Apr 2018 21:15:05 GMT<p>
Add return tag and return false if is multisite
</p>
sebastian.pisulahttp://core.trac.wordpress.org/ticket/43677
http://core.trac.wordpress.org/ticket/43677Report#42589: Add missing "third argument" documentation to user_can()mariovalneyThu, 16 Nov 2017 20:28:54 GMTFri, 17 Nov 2017 21:18:11 GMT<p>
There is an undocumented, third argument, <strong>$args</strong>, into <a class="ext-link" href="https://developer.wordpress.org/reference/functions/user_can/"><span class="icon">​</span>user_can()</a> function as written in <a class="ext-link" href="https://developer.wordpress.org/plugins/users/roles-and-capabilities/#user-can"><span class="icon">​</span>Roles and Capabilities</a> section of Plugin Handbook.
</p>
<p>
It's the same of <a class="ext-link" href="https://developer.wordpress.org/reference/functions/current_user_can/"><span class="icon">​</span>current_user_can()</a> (already documented).
</p>
mariovalneyhttp://core.trac.wordpress.org/ticket/42589
http://core.trac.wordpress.org/ticket/42589Report#43308: Alter behavior load-scripts.php and load-styles.php to reduce potentially adverse scenariosyoungcpWed, 14 Feb 2018 01:18:07 GMTSun, 25 Mar 2018 19:04:42 GMT<p>
Based mostly on <a class="ext-link" href="https://github.com/WazeHell/CVE-2018-638"><span class="icon">​</span>https://github.com/WazeHell/CVE-2018-638</a>
</p>
<p>
<a class="ext-link" href="https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html"><span class="icon">​</span>https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html</a>
</p>
<p>
<a class="ext-link" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6389"><span class="icon">​</span>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6389</a>
</p>
<p>
Loads full <code>wp-admin/admin.php</code> during <code>wp-admin/load-scripts.php</code> and <code>wp-admin/load-styles.php</code>
</p>
<p>
Removes <code>wp-admin/includes/noop.php</code>
</p>
<p>
Patch: <a class="ext-link" href="https://patch-diff.githubusercontent.com/raw/WordPress/WordPress/pull/343.patch"><span class="icon">​</span>https://patch-diff.githubusercontent.com/raw/WordPress/WordPress/pull/343.patch</a>
</p>
youngcphttp://core.trac.wordpress.org/ticket/43308
http://core.trac.wordpress.org/ticket/43308Report#38474: wp_signups.activation_key stores activation keys in plain texttomdxwMon, 24 Oct 2016 16:17:29 GMTMon, 20 Nov 2017 18:53:26 GMT<h2 id="Steps">Steps</h2>
<ol><li>Visit /wp-admin/user-new.php (on a multisite installation - I haven't tested on single site)
</li><li>Fill out the "Add New User" form but do not check the "Skip Confirmation Email" checkbox
</li><li>The user will be sent an email containing a link to /wp-activate.php?key=7259c714857ef009
</li></ol><h2 id="Actualbehaviour">Actual behaviour</h2>
<p>
This key is stored in the database unencrypted:
</p>
<pre class="wiki">mysql&gt; select activation_key from wp_signups where signup_id=4;
+------------------+
| activation_key |
+------------------+
| 7259c714857ef009 |
+------------------+
1 row in set (0.00 sec)
</pre><h2 id="Expectedbehaviour">Expected behaviour</h2>
<p>
wp_users.user_activation_key contains a timestamp and a hash of the key. wp_signups.activation_key is no less important to security and so should include these security features too.
</p>
tomdxwhttp://core.trac.wordpress.org/ticket/38474
http://core.trac.wordpress.org/ticket/38474Report#38545: Add span element to get_the_archive_title()KairaFri, 28 Oct 2016 08:43:45 GMTMon, 21 May 2018 20:42:03 GMT<p>
As a theme developer (@Kaira) I'd like to request this small feature of adding a &lt;span&gt; element to get_the_archive_title() function.
</p>
<p>
This is to allow theme developers to target and style the archive title with CSS to be able to add styling to it.
</p>
<p>
I've experienced the need for this when developing themes for WordPress.org and for when I'm building client websites.
</p>
<p>
Thanks
</p>
Kairahttp://core.trac.wordpress.org/ticket/38545
http://core.trac.wordpress.org/ticket/38545Report#43517: Adding support of default category term for custom taxonomiesenrico.sorcinelliSat, 10 Mar 2018 17:07:42 GMTFri, 06 Apr 2018 10:45:03 GMT<p>
This patch aims to add the support for default category term in custom taxonomies in the same way that is done for built-in taxonomies.
</p>
<p>
The new <code>default_term</code> argument is added to <code>register_taxonomy()</code> allowing to define the default term <code>name</code> and optionally <code>slug</code> and <code>description</code>. For example:
</p>
<div class="wiki-code"><div class="code"><pre><span class="x">register_taxonomy( 'custom-tax', 'my-cpt', array(
'default_term' =&gt; array( 'name' =&gt; 'My default category', 'slug' =&gt; 'default-category' ),
));
</span></pre></div></div><p>
This way, by inserting a new <code>my-cpt</code> object without setting any <code>custom-tax</code> terms, the default term 'My default category' will be used for that taxonomy.
</p>
<p>
The <code>default_taxonomy_{$axonomy}</code> value is used as <code>option_name</code> in order to save default terms id in <code>wp_options</code>.
</p>
<p>
PS: Apparently, I haven't found any related ticket other than <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/24948" title="#24948: enhancement: wp_delete_term() Shouldn't delete other default terms (closed: invalid)">this old one</a>.
</p>
enrico.sorcinellihttp://core.trac.wordpress.org/ticket/43517
http://core.trac.wordpress.org/ticket/43517Report#43516: Allowing default category to be applied to all CPT associated to 'category' taxonomyenrico.sorcinelliSat, 10 Mar 2018 09:06:24 GMTFri, 06 Apr 2018 10:44:42 GMT<p>
This patch allows to apply the default category term also for post types that have the <code>category</code> taxonomy, not only for <code>post</code>.
</p>
<p>
It's not a too remote case to register new post type and associate it also with the <code>category</code> taxonomy.
Currently in this case, the <code>default_category</code> option value is never applied.
</p>
<p>
I sent two patches. The first one apply the default category term to all post types associated with the <code>category</code> taxonomy.
</p>
<p>
If for legacy reason we don't want introduce any behaviour compatibility break - for example with third party plugins - I sent the second one that introduce a new <code>default_category_post_types</code> filter allowing to define for which post types (in addition to <code>post</code>) to set the <code>default_category</code>.
</p>
enrico.sorcinellihttp://core.trac.wordpress.org/ticket/43516
http://core.trac.wordpress.org/ticket/43516Report#43800: Unnecessary <br /> tag in a note on the category page.pratikthinkWed, 18 Apr 2018 13:08:56 GMTSun, 29 Apr 2018 10:02:24 GMT<p>
An unnecessary &lt;br /&gt; element produces a line break in a note on the Category page.
The description should be appear only after 'Note:'
<br />
Please have a look on the attachment.
</p>
pratikthinkhttp://core.trac.wordpress.org/ticket/43800
http://core.trac.wordpress.org/ticket/43800Report#43522: Add aria-current to output of Walker_Pagechetan200891Sun, 11 Mar 2018 16:26:47 GMTFri, 13 Apr 2018 09:58:26 GMT<p>
From the reference of ticket <a href="https://core.trac.wordpress.org/ticket/43191#comment:10">#43191</a>, Also need to add <code>area-current</code> to output of <code>Walker_Page</code>.
</p>
<p>
I think below modifications can help.
</p>
<div class="wiki-code"><div class="code"><pre><span class="x">if ( $page-&gt;ID == $current_page ) {
$atts['aria-current'] = 'page';
}
</span></pre></div></div>chetan200891http://core.trac.wordpress.org/ticket/43522
http://core.trac.wordpress.org/ticket/43522Report#43682: Document $relative_file, $stylesheet global in wp_print_theme_file_tree()mukesh27Tue, 03 Apr 2018 06:00:34 GMTTue, 03 Apr 2018 11:20:16 GMT<p>
global $relative_file, $stylesheet are used but it is not mentioned in the documentation of the wp_print_theme_file_tree() function.
</p>
mukesh27http://core.trac.wordpress.org/ticket/43682
http://core.trac.wordpress.org/ticket/43682Report#43717: Ping back URL display with out escaping.sharazSat, 07 Apr 2018 09:35:28 GMTSun, 15 Apr 2018 23:22:57 GMT<p>
functions.php
Line no 401 : printf( '&lt;link rel="pingback" href="%s"&gt;' . "\n", get_bloginfo( 'pingback_url' ) );
According to theme review hand book <a class="ext-link" href="https://make.wordpress.org/themes/handbook/review/required/#code"><span class="icon">​</span>Ref</a> data should be escaped before output.
So the right way.
printf( '&lt;link rel="pingback" href="%s"&gt;' . "\n", esc_url( get_bloginfo( 'pingback_url' ) ) );
</p>
sharazhttp://core.trac.wordpress.org/ticket/43717
http://core.trac.wordpress.org/ticket/43717Report#40731: locate_template() performance improvementdanielhueskenThu, 11 May 2017 12:11:51 GMTMon, 11 Dec 2017 08:50:34 GMT<p>
If the theme uses massive the *_template functions it can come to a slow performance because the the files will be searched again and again.
</p>
<p>
We can improve the performance if we use a static cache like this:
</p>
<pre class="wiki">function locate_template($template_names, $load = false, $require_once = true ) {
static $template_cache;
$located = '';
foreach ( (array) $template_names as $template_name ) {
if ( !$template_name )
continue;
if ( $template_cache[$template_name] ) {
$located = $template_cache[$template_name];
break;
}
if ( isset( $template_cache[$template_name] ) &amp;&amp; ! $template_cache[$template_name] )
continue;
if ( file_exists(STYLESHEETPATH . '/' . $template_name)) {
$located = STYLESHEETPATH . '/' . $template_name;
$template_cache[$template_name] = $located;
break;
} elseif ( file_exists(TEMPLATEPATH . '/' . $template_name) ) {
$located = TEMPLATEPATH . '/' . $template_name;
$template_cache[$template_name] = $located;
break;
} elseif ( file_exists( ABSPATH . WPINC . '/theme-compat/' . $template_name ) ) {
$located = ABSPATH . WPINC . '/theme-compat/' . $template_name;
$template_cache[$template_name] = $located;
break;
}
$template_cache[$template_name] = false;
}
if ( $load &amp;&amp; '' != $located )
load_template( $located, $require_once );
return $located;
}
</pre>danielhueskenhttp://core.trac.wordpress.org/ticket/40731
http://core.trac.wordpress.org/ticket/40731Report#42133: Add filter to emails sent by wp_new_blog_notification()johnbillionSat, 07 Oct 2017 14:27:37 GMTMon, 27 Nov 2017 18:20:38 GMT<p>
<code>wp_new_blog_notification()</code> contains a call to <code>wp_mail()</code> which sends an email when WordPress is first installed, and when a site is added to a Multisite network. (<a href="https://core.trac.wordpress.org/browser/tags/4.8.2/src/wp-admin/includes/upgrade.php?marks=376-399#L361">Ref</a>).
</p>
<p>
The contents of the email cannot be filtered. The recipient, subject, message, and headers should be passed through a filter in the same format as the <code>password_change_email </code> filter. (<a href="https://core.trac.wordpress.org/browser/tags/4.8.2/src/wp-includes/user.php?marks=1842-1864#L1818">Ref</a>).
</p>
johnbillionhttp://core.trac.wordpress.org/ticket/42133
http://core.trac.wordpress.org/ticket/42133Report#36455: Call opcache_reset() after plug-in, theme or core updatenigro.simoneSat, 09 Apr 2016 09:14:02 GMTThu, 17 May 2018 22:45:00 GMT<p>
wordpress it seem not reset Zend OpCache after plug-in, theme or core are updated.
</p>
<p>
For solve this issue i have set in the php.ini
</p>
<pre class="wiki">opcache.validate_timestamps=1
</pre><p>
all work correctly but validate_timestamps when it's enabled, PHP will check the file timestamp each request with a performance degradation. When it's disabled, PHP files are NEVER checked for updated code. When wordpress updating code, new code files can get mixed with old ones, the results are unknown. It's unsafe as hell.
</p>
<p>
Why wordpress not perform an opcache_reset() after each update if opcache is active and opcache.validate_timestamps is false?
</p>
nigro.simonehttp://core.trac.wordpress.org/ticket/36455
http://core.trac.wordpress.org/ticket/36455Report#42749: Accessibility enhancements for change password fieldalexstineWed, 29 Nov 2017 19:15:01 GMTMon, 11 Dec 2017 16:43:34 GMT<p>
Attaching accessibility enhancements to the users.js file which includes support for the change password box. The button is now never hidden and will offer a more accessible experience.
</p>
<ul><li>Announce when form is open or closed.
</li><li>Focus in form after open.
</li></ul><p>
Hope it's useful.
</p>
alexstinehttp://core.trac.wordpress.org/ticket/42749
http://core.trac.wordpress.org/ticket/42749Report#43679: Add $this to found_users_query filterspacedmonkeyMon, 02 Apr 2018 22:07:59 GMTWed, 04 Apr 2018 16:07:33 GMT<p>
Add more context to the <code>found_users_query</code> filter, by adding this to the filter.
</p>
spacedmonkeyhttp://core.trac.wordpress.org/ticket/43679
http://core.trac.wordpress.org/ticket/43679Report#42132: Add filter to emails sent by wp-admin/user-new.phpjohnbillionSat, 07 Oct 2017 14:24:06 GMTTue, 22 May 2018 19:27:42 GMT<p>
<code>wp-admin/user-new.php</code> contains a call to <code>wp_mail()</code> which sends an email when an existing user is invited to a site from the <code>Users -&gt; Add New -&gt; Add Existing User</code> screen within a site on Multisite. (<a href="https://core.trac.wordpress.org/browser/tags/4.8.2/src/wp-admin/user-new.php?marks=92-100#L91">Ref</a>).
</p>
<p>
The contents of the email cannot be filtered. The subject, message, and headers should be passed through a filter in the same format as the <code>password_change_email </code> filter. (<a href="https://core.trac.wordpress.org/browser/tags/4.8.2/src/wp-includes/user.php?marks=1842-1864#L1818">Ref</a>).
</p>
johnbillionhttp://core.trac.wordpress.org/ticket/42132
http://core.trac.wordpress.org/ticket/42132Report#43680: Add new filter to WP_User_QueryspacedmonkeyMon, 02 Apr 2018 22:19:50 GMTWed, 04 Apr 2018 16:12:39 GMT<p>
Add a new filter to filter the value of results returned from the WP_User_Query. This brings the WP_User_Query class inline with other query classes, like WP_Query, which already has <code>posts_results</code> filter. This filter is a powerful one, that will allow for third party code, to hook in and change the results of the query.
</p>
spacedmonkeyhttp://core.trac.wordpress.org/ticket/43680
http://core.trac.wordpress.org/ticket/43680Report#43693: Add pre filter in count user functionspacedmonkeyWed, 04 Apr 2018 20:59:43 GMTWed, 04 Apr 2018 21:51:41 GMT<p>
Add filter to the count user function, so the count can changed or filtered.
</p>
spacedmonkeyhttp://core.trac.wordpress.org/ticket/43693
http://core.trac.wordpress.org/ticket/43693Report#42277: Remove useless tests from `Tests_Basic`Frank KleinThu, 19 Oct 2017 09:05:37 GMTSun, 20 May 2018 09:06:43 GMT<p>
The <code>Tests_Basic</code> class contains several tests, which do not seem to be testing anything useful:
</p>
<ul><li><code>test_globals()</code> and <code>test_globals_bar()</code>: The bug in question has been fixed for a long time, plus issues with PHPUnit should be handled upstream.
</li><li><code>test_setting_nonexistent_arrays()</code>, <code>test_magic_getter()</code>, <code>test_subclass_magic_getter()</code>, <code>test_call_method()</code>, <code>test_subclass_magic_getter()</code>, <code>test_call_method()</code>, <code>test_subclass_call_method()</code>, <code>test_subclass_isset()</code>, and <code>test_subclass_unset()</code> all needlessly test basic PHP features.
</li><li><code>_switch_order_helper()</code> is unused, except in it's <code>test_switch_order()</code> test, and since <code>Tests_Basic</code> is a test class, it can be removed.
</li></ul><p>
Some of these tests have been added for HHVM support, but are no longer needed after this support was removed as part of <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/40548" title="#40548: task (blessed): Remove HHVM from the test matrix on Travis (closed: fixed)">#40548</a>.
</p>
Frank Kleinhttp://core.trac.wordpress.org/ticket/42277
http://core.trac.wordpress.org/ticket/42277Report#43432: Streamline tests with installation skipssoulseekahWed, 28 Feb 2018 09:00:21 GMTWed, 07 Mar 2018 16:49:17 GMT<p>
In line with the recent and amazing <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/42282" title="#42282: enhancement: Provide means of executing PHPUnit continuously over watched files in ... (closed: fixed)">#42282</a> feature I'm proposing we add an environment flag <code>WP_TESTS_SKIP_INSTALL</code> that does not reinstall WordPress. This shaves off at at least 5-10 seconds per run allowing almost instant feedback.
</p>
<p>
Usage: <code>WP_TESTS_SKIP_INSTALL=1 phpunit ...</code>
</p>
soulseekahhttp://core.trac.wordpress.org/ticket/43432
http://core.trac.wordpress.org/ticket/43432Report#42635: Customize: Add default value for customizeAction param for sectionswestonruterMon, 20 Nov 2017 05:30:21 GMTMon, 20 Nov 2017 05:30:21 GMT<p>
Currently the <code>customizeAction</code> has to be explicitly provided when dynamically adding sections via JS. If not, then the section header has broken layout. There should be a default value provided so that this doesn't have to be provided each time (see <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/42083" title="#42083: enhancement: Customize: Clean up longstanding annoyances in JS API (closed: fixed)">#42083</a>). Adding a default value for <code>customizeAction</code> is complicated a bit by the fact that it <a class="ext-link" href="https://github.com/WordPress/wordpress-develop/blob/4af1237176c326e7840361fd580fdc3f97841e6a/src/wp-includes/class-wp-customize-section.php#L228-L233"><span class="icon">​</span>varies based on whether the section has a parent panel</a>. The <code>getContainer</code> method of <code>wp.customize.Section</code> probably should check if <code>customizeAction</code> is empty and if so supply one: it could look to see if it has a <code>panel</code> parent, and if so, grab the title; otherwise, it can use the default “Customizing” value. A default value should have been originally provided in <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/30737" title="#30737: enhancement: JS templates for Customizer Panels and Sections (closed: fixed)">#30737</a>.
</p>
<p>
Workaround for plugins to provide a default value in the mean time:
</p>
<div class="wiki-code"><div class="code"><pre><span class="cp">&lt;?php</span>
<span class="nx">add_action</span><span class="p">(</span> <span class="s1">'customize_controls_enqueue_scripts'</span><span class="p">,</span> <span class="k">function</span><span class="p">()</span> <span class="p">{</span>
<span class="nx">wp_add_inline_script</span><span class="p">(</span>
<span class="s1">'customize-controls'</span><span class="p">,</span>
<span class="nb">sprintf</span><span class="p">(</span>
<span class="s1">'wp.customize.Section.prototype.defaults.customizeAction = %s;'</span><span class="p">,</span>
<span class="nx">wp_json_encode</span><span class="p">(</span> <span class="nx">__</span><span class="p">(</span> <span class="s1">'Customizing'</span> <span class="p">)</span> <span class="p">)</span>
<span class="p">)</span>
<span class="p">);</span>
<span class="p">}</span> <span class="p">);</span>
</pre></div></div>westonruterhttp://core.trac.wordpress.org/ticket/42635
http://core.trac.wordpress.org/ticket/42635Report#42272: Customize: Use client-side templates for rendering base controlswestonruterThu, 19 Oct 2017 03:05:59 GMTMon, 20 Nov 2017 06:18:14 GMT<p>
This is a follow-up on <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/30738" title="#30738: task (blessed): JS content templates for base WP_Customize_Control (closed: fixed)">#30738</a>. See patches on that ticket. Eliminating server-side rendering of the control content for server-side registered controls was not included as part of 4.9 due to it being a big change and it got too late in the release.
</p>
<p>
This will necessarily need to include support for <code>dropdown-pages</code> which we didn't implement in <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/30738" title="#30738: task (blessed): JS content templates for base WP_Customize_Control (closed: fixed)">#30738</a>, since we ran out of time and wanted to rely on REST API for fetching the pages.
</p>
westonruterhttp://core.trac.wordpress.org/ticket/42272
http://core.trac.wordpress.org/ticket/42272Report#42644: Customize: Add rich text control for managing tagline and new footer credit theme supportwestonruterMon, 20 Nov 2017 19:47:50 GMTMon, 20 Nov 2017 20:05:13 GMT<p>
In <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/35243" title="#35243: enhancement: Extending the text widget to also allow visual mode (closed: fixed)">#35243</a> we extended the Text widget to add TinyMCE. This depended on <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/35760" title="#35760: enhancement: Provide API for TinyMCE editor to be dynamically instantiated via JS (closed: fixed)">#35760</a> which introduced the <code>wp.editor.initialize()</code> API for dynamically-instantiating TinyMCE editors. Similarly in <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/41897" title="#41897: defect (bug): Code Editor: Add reusable code editor Customizer control (closed: fixed)">#41897</a> we introduced a Code Editor control which leveraged the <code>wp.codeEditor.initialize()</code> API introduced in <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/12423" title="#12423: feature request: Include default code editor (closed: fixed)">#12423</a>. It would seem that there should similarly be a rich text control available in the Customizer.
</p>
<p>
The rich text control could be used to manage the site's tagline.
</p>
<p>
This rich text control could also be leveraged by themes to manage a site's footer credits; the control could appear in the Site Identity section. Instead of “Powered by WordPress” being hard-coded into the theme's footer, it could instead be the default value for a <code>footer_credit</code> option. This would then allow a user to easily add additional site credits and copyright information to the footer of their site, without having to modify the theme template to do so. WordPress.com has a dropdown control with preset options for this “powered by” text and then a final option to hide for business plans. There could also be a “custom” option which could then reveal a footer credit rich text input where a user could supply links and other content allowed by the Text widget. Naturally the bundled core themes in WordPress.org could make this available by default without requiring a business plan.
</p>
<p>
A new <code>footer_credit</code> theme support could be added support added to Twenty Seventeen to take advantage of this new functionality. Previewing the change to the footer text should be done with selective refresh.
</p>
<p>
The rich text control could also be used in themes for managing other parts of the template, like business hours appearing in the header, without having to add a new widget sidebar.
</p>
<p>
Editor should only initialize once the control's containing section is expanded, as was done with the Code Editor control.
</p>
westonruterhttp://core.trac.wordpress.org/ticket/42644
http://core.trac.wordpress.org/ticket/42644Report#41074: Create new Dashicons (4.9)EmpireOfLightThu, 15 Jun 2017 14:19:41 GMTFri, 18 May 2018 06:51:27 GMT<p>
This ticket is for new Dashicons for the 4.9 release cycle.
It is a continuation of the ticket <a href="https://core.trac.wordpress.org/ticket/39296">https://core.trac.wordpress.org/ticket/39296</a>
</p>
<p>
The following icons has been requested:
</p>
<p>
<strong>Flip of Editor-RTL</strong>: <a class="ext-link" href="https://github.com/WordPress/dashicons/issues/111"><span class="icon">​</span>https://github.com/WordPress/dashicons/issues/111</a>
A reverse of <a class="ext-link" href="https://developer.wordpress.org/resource/dashicons/#editor-rtl"><span class="icon">​</span>https://developer.wordpress.org/resource/dashicons/#editor-rtl</a>
</p>
<p>
<strong>Rest API</strong>: <a class="ext-link" href="https://github.com/WordPress/dashicons/issues/152"><span class="icon">​</span>https://github.com/WordPress/dashicons/issues/152</a>
</p>
<p>
<strong>Variation on earth/world icon (admin-site)</strong>: <a class="ext-link" href="https://github.com/WordPress/dashicons/issues/95"><span class="icon">​</span>https://github.com/WordPress/dashicons/issues/95</a>
</p>
<p>
<strong>Yes Alt</strong>: <a class="ext-link" href="https://github.com/WordPress/dashicons/issues/108"><span class="icon">​</span>https://github.com/WordPress/dashicons/issues/108</a>
</p>
EmpireOfLighthttp://core.trac.wordpress.org/ticket/41074
http://core.trac.wordpress.org/ticket/41074Report#33801: Improved docs for KSESjohnbillionThu, 10 Sep 2015 09:17:10 GMTSat, 28 Apr 2018 13:57:33 GMT<p>
The inline documentation for KSES functions in <code>wp-includes/kses.php</code> is awful. Anyone venturing into this file is gonna have a bad time.
</p>
<p>
A patch is in the works.
</p>
johnbillionhttp://core.trac.wordpress.org/ticket/33801
http://core.trac.wordpress.org/ticket/33801Report#42057: Add ability to pass a label for the <form> element returned by get_search_form()williampattonSun, 01 Oct 2017 16:42:03 GMTWed, 28 Feb 2018 22:52:17 GMT<p>
When more than a single landmark of the same type appears on page it should be labeled so that screen readers can announce it in a descriptive way to users. Currently the default markup of <code>get_search_form();</code> returns HTML with landmark <code>role="search"</code> without a label (or option to add a label). If 2 calls to <code>get_search_form();</code> are made then adding the roles without options for labels limits their usefulness.
</p>
<p>
When reviewing themes I see multiple calls on the same page often. Most commonly it's when someone rolls their own custom search feature (for example a search icon in navbar that brings a search form into view when toggled) is paired with a search widget in the sidebar. There are other situations where more than a single call to <code>get_search_form();</code> may be made.
</p>
<p>
My proposal is to allow an args array to be passed to <code>get_search_form();</code> so that a label could be defined and attached to the <code>&lt;form&gt;</code> element and screen readers can properly announce each search form independently.
</p>
<p>
In this proposal I do not suggest a default as announcing 'Search 1', 'Search 2' etc is only marginally more useful than simply announcing the role itself. There is a previous chanset regarding adding an incremental counter which could be used as a default when no label was passed which may well be worthwhile to look into and merging both into a single change. <a href="https://core.trac.wordpress.org/changeset/23801">https://core.trac.wordpress.org/changeset/23801</a>
</p>
<p>
Additional Notes: There is a backwards compatibility issue involved with this suggested change. I believe I can add this feature and ensure no changes are required on the end user part to keep old calls functional. Patch to be forthcoming.
</p>
williampattonhttp://core.trac.wordpress.org/ticket/42057
http://core.trac.wordpress.org/ticket/42057Report#21170: JavaScript actions and filterskoopersmithThu, 05 Jul 2012 21:34:03 GMTThu, 04 Jan 2018 01:16:12 GMT<p>
The concept of adding JavaScript actions and filters has been tossed around for some time. We've experimented with various configurations of actions in both the fullscreen and customizer APIs, and they've proven their utility enough to graduate them to a core feature in their own right.
</p>
<hr />
<p>
I think that a good events API should satisfy these parameters:
</p>
<ol><li><strong>Support jQuery-style dot namespacing</strong> to allow functions to be easily removed.
</li></ol><ol start="2"><li><strong>Should (likely) support priorities.</strong> While seemingly random numbers aren't fun to use, it allows plugins to cooperate without having to know of each other's existence. We can't expect plugin authors to rearrange the array of callbacks.
</li></ol><ol start="3"><li><strong>Should <em>not</em> force functions to have unique IDs.</strong> Anonymous functions are extremely common in JavaScript — forcing them to be named is contrary to the nature of the language.
</li></ol><ol start="4"><li><strong>Should be structured as a mixin.</strong> The global event loop should be an instance of the core Events object. Using a mixin will allow developers to easily create event loops for their own plugins (to prevent polluting the global namespace — think about large plugins, like bbPress). An events mixin will also enable developers to create more powerful abstractions, such as observable values, collections, and pretty much any structural JS object you can dream up.
</li></ol><ol start="5"><li><strong>Should allow the looping process to be overwritten.</strong> This will result in less code and added flexibility. The only difference between actions and filters is how they handle the callbacks object. There are other types of looping processes that could be beneficial in JS. One example would be returning false if any callback returns false, which could be used to stop a process, much like the native event.stopPropagation method.
</li></ol><hr />
<p>
<strong>Why not use custom jQuery events?</strong>
</p>
<p>
Custom jQuery events are great when we need to trigger actions on a DOM element. Triggering plain events on the body element (or any other hidden element) is not performant — every jQuery event normalizes an DOM Event object, which we then completely ignore.
</p>
<p>
<strong>Should we require jQuery to use the API?</strong>
</p>
<p>
I'm not sure. jQuery.Callbacks may be a helpful solution here, provided we can properly integrate priorities and namespacing. jQuery.Callbacks also only requires jQuery.each and jQuery.extend, so writing a shim that doesn't use the rest of jQuery would not be exceptionally difficult. Either way, switching between one and the other as we develop should not be exceptionally difficult.
</p>
koopersmithhttp://core.trac.wordpress.org/ticket/21170
http://core.trac.wordpress.org/ticket/21170Report#42721: Introduce native language name as a WP_Locale propertySergeyBiryukovTue, 28 Nov 2017 03:11:50 GMTTue, 28 Nov 2017 03:11:50 GMT<p>
At the moment, displaying the current locale's native name is only possible by reusing <code>wp_get_available_translations()</code>, which performs an external request to the translations API and stores the result in a transient.
</p>
<p>
It would be easier if the native name was available as a <code>WP_Locale</code> instance property.
</p>
<p>
Use case: <a class="changeset" href="http://core.trac.wordpress.org/changeset/41198" title="Media: Upgrade MediaElement.js from 2.22.0 to 4.2.3.
Props rafa8626, ...">[41198]</a> introduced <a class="source" href="http://core.trac.wordpress.org/browser/tags/4.9/src/wp-includes/script-loader.php?marks=391-445#L391">50+ strings with language names</a><a class="trac-rawlink" href="http://core.trac.wordpress.org/export/HEAD/tags/4.9/src/wp-includes/script-loader.php#L391" title="Download">​</a> for MediaElement.js. Looking at the code, they are used as subtitle track labels, unless the track has its own label.
</p>
<p>
This is only a subset of all locales supported by WordPress. If the goal is to make sure the current locale's name can be used as a subtitle track label, it doesn't make much sense to translate the whole list to 100+ languages.
</p>
SergeyBiryukovhttp://core.trac.wordpress.org/ticket/42721
http://core.trac.wordpress.org/ticket/42721Report#43525: Add a method to generate the image subsizes with multiple requestsazaozzSun, 11 Mar 2018 17:30:36 GMTThu, 15 Mar 2018 19:21:43 GMT<p>
One of the most common reason image uploading fails is when the server doesn't have enough resources to generate all image subsizes "in one go". Then the server runs out of memory or times out, several image subsizes may be generated but the attachment meta in not updated so we don't know about them. The result is uploading has failed and there are several "orphaned" image subsizes in the uploads directory.
</p>
azaozzhttp://core.trac.wordpress.org/ticket/43525
http://core.trac.wordpress.org/ticket/43525Report#43524: Add another default image sizeazaozzSun, 11 Mar 2018 16:52:22 GMTMon, 12 Mar 2018 15:11:08 GMT<p>
We've had the <code>srcset</code> and <code>sizes</code> attributes for quite some time and they seem to work quite well.
</p>
<p>
One problem is that we don't have a 2x images for the built-in <code>large</code> size. Currently when displaying images larger than 512 px on the front-end on devices with high pixel density screens, the browser has only one choice: to output the full size/original image. These images are often as large as 6000px x 4000px and 4MB or even larger.
</p>
<p>
To fix this and not output needlessly large images we need a new size that should be 2x the current "large" size, max 2048px width or height.
</p>
azaozzhttp://core.trac.wordpress.org/ticket/43524
http://core.trac.wordpress.org/ticket/43524Report#34706: Introduce an edit_post_{$post->post_type} actiongarrett-eclipseTue, 17 Nov 2015 00:03:25 GMTWed, 28 Feb 2018 22:01:39 GMT<p>
Hello,
</p>
<p>
I was in the post.php file and found all the action hooks for when a post is saved. Noticed there's a new save_post_{$post-&gt;post_type} hook as of 3.7.0 and thought it would be nice to have similar done for edit_post so can tie into CPT directly with the filter.
</p>
<p>
Would look something like;
</p>
<div class="wiki-code"><div class="code"><pre><span class="cp">&lt;?php</span>
<span class="sd">/**
* Fires once an existing post has been updated.
*
* The dynamic portion of the hook name, `$post-&gt;post_type`, refers to
* the post type slug.
*
* @since 3.7.0
*
* @param int $post_ID Post ID.
* @param WP_Post $post Post object.
*/</span>
<span class="nx">do_action</span><span class="p">(</span> <span class="s2">"edit_post_</span><span class="si">{</span><span class="nv">$post</span><span class="o">-&gt;</span><span class="na">post_type</span><span class="si">}</span><span class="s2">"</span><span class="p">,</span> <span class="nv">$post_ID</span><span class="p">,</span> <span class="nv">$post</span> <span class="p">);</span>
</pre></div></div>garrett-eclipsehttp://core.trac.wordpress.org/ticket/34706
http://core.trac.wordpress.org/ticket/34706Report#43910: Add actions and filters so plugins can easily extend export/erasure functionalityxkonMon, 30 Apr 2018 22:24:35 GMTTue, 22 May 2018 09:54:36 GMT<p>
Splitting this from <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/43481" title="#43481: enhancement: Add tabs and placeholders to privacy tools page in wp-admin (closed: fixed)">#43481</a> .
</p>
<p>
We're waiting for some feedback first to add more thoughts into this, but it needs it's own ticket at the moment.
</p>
xkonhttp://core.trac.wordpress.org/ticket/43910
http://core.trac.wordpress.org/ticket/43910Report#43437: Add way for registered users to request deletion or anonymization of their private dataazaozzWed, 28 Feb 2018 16:04:55 GMTThu, 17 May 2018 20:28:14 GMT<p>
All registered users can edit or delete most of their data in WordPress like name, nickname, email, site, etc. The only exception is they cannot delete or anonymize their own account.
</p>
<p>
Generally a registered user can contact an admin and request this, but it would be better to have a standard "procedure" to do that. It will need to be confirmed to avoid misuse.
</p>
<p>
A good way to do that would be to have a simple button on the user profile screen where the user can request anonymization. Clicking it will email the user a confirmation link, similar to the password reset link. When clicked, it will load wp-admin again and will send email to the site admin.
</p>
azaozzhttp://core.trac.wordpress.org/ticket/43437
http://core.trac.wordpress.org/ticket/43437Report#43738: Make the GDPR Export/Delete functionality available in network-wide for super adminsTZ MediaWed, 11 Apr 2018 10:30:27 GMTWed, 16 May 2018 21:32:44 GMT<p>
There are approaches where single sites in a network are not independent, but integral parts of one website, interdependent in some way, or should be handled together for other reasons.
</p>
<p>
Therefore a view for GDPR export and delete similar to the one in a single site would be needed to manage network-wide requests in addition to the site-wide requests that should still work as expected if the site is part of a network. This should gather the data from all sites in a network, and export them in one file.
</p>
<p>
Common use cases are:
</p>
<ul><li>Site utilizing network installs using plugins like Multilingual Press for different language versions of one site
</li><li>Network installs where different sites in a multisite behave like one website to the end-user (same design, shared functionality, shared user base)
</li></ul>TZ Mediahttp://core.trac.wordpress.org/ticket/43738
http://core.trac.wordpress.org/ticket/43738Report#44181: The input field id username_or_email_to_export should be something else on remove_personal_data pageallendavMon, 21 May 2018 23:24:41 GMTMon, 21 May 2018 23:24:41 GMT<p>
Minor.
</p>
<p>
On wp-admin/tools.php?page=remove_personal_data
</p>
<p>
And as handled in wp-admin/includes/user.php in _wp_personal_data_handle_actions
</p>
<p>
Note that presently, the logic (regardless of erase or export) is using $_POST username_or_email_to_export
</p>
<p>
It should either be renamed on the remove_personal_data page, or a more generic POST variable name chosen for both remove_personal_data and export_personal_data (e.g. username_or_email_for_privacy_request)
</p>
allendavhttp://core.trac.wordpress.org/ticket/44181
http://core.trac.wordpress.org/ticket/44181Report#43605: Add HTTP/1.0 emulation to apiRequest()pentoThu, 22 Mar 2018 05:32:25 GMTFri, 06 Apr 2018 03:57:55 GMT<p>
HTTP/1.1 is nice, but the verbs are fairly strictly filtered by a bunch of web application firewalls.
</p>
<p>
For wider compatibility, we should default to HTTP/1.0, making use of the <code>X-HTTP-Method-Override</code> header.
</p>
<p>
See <a class="ext-link" href="https://github.com/WordPress/gutenberg/pull/5741"><span class="icon">​</span>https://github.com/WordPress/gutenberg/pull/5741</a> for an example shim, and examples of broken sites.
</p>
pentohttp://core.trac.wordpress.org/ticket/43605
http://core.trac.wordpress.org/ticket/43605Report#42737: Add method wp.api.getModelByType for retrieving api modelsmkazTue, 28 Nov 2017 17:52:54 GMTTue, 06 Mar 2018 23:27:49 GMT<p>
For Gutenberg, it will be easier and less error prone to fetch the wp.api.model by retrieving by type instead of creating a route and searching for the model that matches that route.
</p>
<p>
An open detail to work out is if namespacing is needed, can objects have the same name in different API namespaces in the same instance of wp.api. A potential solution could be an optional second argument.
</p>
<p>
For example: <code>getModelByType( type, versionString = 'wp/v2' )</code>
</p>
<p>
Related to <a class="closed ticket" href="http://core.trac.wordpress.org/ticket/41111" title="#41111: enhancement: WP-API JS Client: Add a helper to get model or collection by route (closed: fixed)">#41111</a>
</p>
<p>
Original Slack Discussion at:
<a class="ext-link" href="https://wordpress.slack.com/archives/C5UNMSU4R/p1511878493000062"><span class="icon">​</span>https://wordpress.slack.com/archives/C5UNMSU4R/p1511878493000062</a>
</p>
mkazhttp://core.trac.wordpress.org/ticket/42737
http://core.trac.wordpress.org/ticket/42737Report#39941: Allow using Content-Security-Policy without unsafe-inlinetomdxwWed, 22 Feb 2017 15:10:32 GMTThu, 29 Mar 2018 18:30:52 GMT<p>
Currently when using Content-Security-Policy with WordPress, you must use the <code>unsafe-inline</code> directive because there are a lot of blocks of inline JavaScript in WordPress core. This means that the browser cannot protect the user from attacks using XSS vulnerabilities. This is an unsatisfying situation because XSS vulnerabilities can be found in a great number of WordPress plugins.
</p>
<p>
The patch I’m providing today makes it possible to write a plugin which uses CSP without <code>unsafe-inline</code>. Such a plugin would make the vast majority of XSS vulnerabilities found in WP plugins useless to an attacker.
</p>
<p>
I’ve just added one new function: <code>inline_js()</code>. Now instead of writing <code>&lt;script&gt;doSomething()&lt;/script&gt;</code>, you would write <code>&lt;?php inline_js(‘doSomething()’) ?&gt;</code>.
</p>
<p>
I’ve changed enough instances of inline JavaScript to use <code>inline_js()</code> that you can try it out:
</p>
<ul><li>Apply this patch to WordPress
</li><li>Install and activate this plugin: <a class="ext-link" href="https://gist.github.com/tomdxw/e2aee45ad5cb2a309c6bd0fc213efb97"><span class="icon">​</span>https://gist.github.com/tomdxw/e2aee45ad5cb2a309c6bd0fc213efb97</a>
</li><li>Visit /wp-admin/
</li><li>If you have any plugins or themes activated which add inline JavaScript to the admin interface you’ll see that those have been blocked (in the console tab of developer tools).
</li></ul><p>
I’ve only changed some instances of inline JavaScript in this patch - enough to prove that it will work.
</p>
tomdxwhttp://core.trac.wordpress.org/ticket/39941
http://core.trac.wordpress.org/ticket/39941Report#32067: Remove inline javascript from WP-Core to allow CSP protectiontdelmasWed, 22 Apr 2015 20:24:31 GMTWed, 07 Feb 2018 15:15:27 GMT<p>
To avoid catastrophic effects of XSS, it would be safe to allow user to add a Content Security Policy (CSP) header.
</p>
<p>
To be effective, a CSP must at least disallow inline javascript.
</p>
tdelmashttp://core.trac.wordpress.org/ticket/32067
http://core.trac.wordpress.org/ticket/32067Report#36228: Uncheck "uncategorized" when you select a categorymelchoyceSun, 13 Mar 2016 17:44:50 GMTWed, 11 Apr 2018 09:06:25 GMT<p>
One of my assorted WordPress pet peeves is when I select a category for my post, and still have to uncheck "uncategorized." If you haven't changed your default category from Uncategorized, you probably don't want to continue using it once you assign a new category to your post. We should automatically uncheck "uncategorized" when you pick an actual category.
</p>
melchoycehttp://core.trac.wordpress.org/ticket/36228
http://core.trac.wordpress.org/ticket/36228Report#42775: Support uploading files in HEIF and HEVC formatsmattheweppelsheimerSat, 02 Dec 2017 23:02:31 GMTWed, 07 Feb 2018 23:35:55 GMT<p>
Mac OS X 10.13 High Sierra introduces support for new native image format HEIF and video format HEVF.
</p>
<p>
These aren't widely used by anyone yet, and absolutely no browsers support displaying HEIFs at present (per CanIUse.com as of 2017-12-02 <a class="ext-link" href="https://caniuse.com/#feat=heif"><span class="icon">​</span>https://caniuse.com/#feat=heif</a>) — not even Safari. So this clearly isn't a big priority, but it seems likely these will become ubiquitous in time, and it would be good to at least support uploading these file formats, since they are valid media files.
</p>
<p>
This was brought to my attention by this line in Ars Technica's review of OSX 10.13:
</p>
<blockquote>
<p>
The Ars WordPress CMS won't even let me upload HEIF files [...]
</p>
</blockquote>
<p>
<a class="ext-link" href="https://arstechnica.com/gadgets/2017/09/macos-10-13-high-sierra-the-ars-technica-review/"><span class="icon">​</span>https://arstechnica.com/gadgets/2017/09/macos-10-13-high-sierra-the-ars-technica-review/</a>
</p>
<p>
We should probably fix that. :)
</p>
mattheweppelsheimerhttp://core.trac.wordpress.org/ticket/42775
http://core.trac.wordpress.org/ticket/42775Report#17133: Code Editor: Register ctrl + s event for plugin/theme editorjcnetsysThu, 14 Apr 2011 12:20:34 GMTTue, 06 Feb 2018 13:01:22 GMT<p>
Often when modifying code or writing a post using the wordpress editor I instinctively hit ctrl + s to save it. Up pops the save website dialog which I then have to close. In Gmail when I hit ctrl+ s it saves the email to drafts. I think a similar thing would be useful for wordpress.
</p>
jcnetsyshttp://core.trac.wordpress.org/ticket/17133
http://core.trac.wordpress.org/ticket/17133Report#39965: REST API: not possible to request collection of posts across post typesiseuldeSat, 25 Feb 2017 10:44:30 GMTSun, 29 Apr 2018 16:49:36 GMT<p>
See <a class="new ticket" href="http://core.trac.wordpress.org/ticket/38920" title="#38920: enhancement: Use REST API for link query in editor (new)">#38920</a> for a simple core use case.
</p>
<p>
There seems to be no way to query posts across multiple (or all) post types as you can do with <code>WP_Query</code>. You have to start making multiple requests, which is an inconvenient and non-optimal approach? Ideally this should be directly passed to the server and <code>WP_Query</code>.
</p>
<p>
Related: <a class="new ticket" href="http://core.trac.wordpress.org/ticket/39851" title="#39851: task (blessed): WP_REST_Posts_Controller::get_items() has too many concerns (new)">#39851</a>.
</p>
iseuldehttp://core.trac.wordpress.org/ticket/39965
http://core.trac.wordpress.org/ticket/39965Report